Oft-predicted crypto-exchange attacks have already started this month: better buckle up in cyber-paranoid mode for a safe corporate year!
The 12 months of 2021 presented unprecedented cybersecurity threats to the world. From the aftermath of SolarWinds and the Colonial Pipeline attack to the developing Log4j crisis, the chaos all corners of the cyber world and some will continue for a long time to come.
Experts have pitched their cyber predictions since October last year, and CybersecAsia has curated and published many of their views.
As we glide past the last days of January 2022, here are 10 more predictions for your consideration and monitoring, contributed by executives, analysts, and experts of IronNet.
- Threat actors will deploy more resources to broaden their malware scope
The success rate of cyberattacks in 2021 enabled cybercriminal organizations to invest large sums of capital for funding future hacking efforts. And with additional resources to leverage, expect adversaries to deploy a broader scope of malware in 2022, leading to breaches that will be increasingly difficult to detect and defend against.
- Watch for more government cyber-policy edicts
Major new reactionary initiatives to strengthen America’s cybersecurity posture were developed by the US government last year. The effectiveness of those initiatives, however, still remains to be seen. The immediate impact of this enhanced focus on cybersecurity will be a critical situation to monitor throughout 2022.
- 2FA and SSO will separate 2022’s cyber winners from losers
While it may sound simple in nature, making a commitment to impose two-factor (or multi-factor) authentication and single sign-on practices will dictate what organizations stay safe in 2022.
All critical network access points should require at least two-factor authentication by default. In addition, single sign-on authentication schemes can help reduce the rate of human error in managing credentials across multiple applications.
– Anthony Grenga, VP, Cyber Operations
- Ransomware actors will increase attacks on more cloud environments
In 2022, ransomware actors will begin to pivot from Windows-based ransomware strategies in order to cast a wider net infiltrate cloud environments. This will require attackers to adopt and deploy more varied tools such as Linux ransomware and cluster-based ransomware.
- Expect more attacks on e-commerce and cryptocurrency exchanges
The pandemic caused small businesses to rapidly adopt e-commerce to compete with digital retail giants and remain profitable. With limited security resources to leverage, these players will not be capable of defending against an uptick in attacks on their omnichannel platforms.
Cybercriminals will also place a heavy emphasis on exploiting flaws and vulnerabilities in cryptocurrency exchanges via not-so-smart smart contracts, DeFi logic, and the underlying infrastructure of cryptocurrency exchanges.
– Bill Swearingen, Security Strategist
- Nation-state attackers will be bolder, because governments can get away with it
Without proper sanctions and accountability for nation-states that host attacks, both the direct ransomware attacks and the ransomware-as-a-service digital extortion efforts will continue to inflict chaos on the public and private sectors worldwide.
As a result, we should expect to see an increase in incidents similar to the Colonial Pipeline attack in the USA.
- The private sector will further embrace Collective Defense approachesWith increased understanding that a siloed approach to cyber defense is no longer viable amidst an evolving threat landscape, 2022 will usher in a resurgence of collaboration across the private sector.
More organizations will shift toward a concept that encompasses both the core intelligence sharing, as well as active collaboration and joint work among organizations, industries, and governments to address the very real and evolving cyber threats we face.
The US White House Cybersecurity Summit in August 2021 that brought together the Biden Administration with the CEOs of key private sector companies was a positive step in the right direction, and in 2022, it is critical that this Collective and Collaborative Defense movement is put to action
- Threat actors will increasingly target global supply chains
By their successful attacks on critical infrastructure and global supply chains last year, it is safe to assume that adversaries may very well respond in 2022 with higher volumes of attacks on key parts of both critical infrastructure and other important supply chains.
Possibly, rather than exclusively targeting major manufacturers and distributors of goods and services, threat actors will focus on smaller providers that are critical to the functions of the entire supply chain ecosystem.
The reasoning is simple: the smaller players are high-value targets that may lack tools and funding needed to defend themselves. Attackers may seek to capitalize on that imbalance and target exfiltration points in an effort to gain access to the wider supply chain network.
– Jamil Jaffer, SVP, Strategy, Partnerships & Corporate Development
- Software entities will remain highly vulnerable
Threat actors will attempt to capitalize on vulnerabilities in the software supply chain to infiltrate the customers and partners they serve. The rise in software supply chain threats (such as recent exploitation of the Logj4 vulnerability) will heighten the need to ensure coding is carefully constructed and meticulously monitored as a primary focus of extensive security follow-ups.
- Enterprises that prioritize an ‘already breached’ Zero Trust mindset will stay safe
Organizations that operate with the viewpoint that a network breach is not just plausible but inevitable will prioritize mitigation over detection in order to alleviate compromises as quickly as possible and secure high-value assets.
In addition, working actively to identify both perimeter and internal network threats while searching for indicators of enemy activity before anomalies are flagged will be key.
Also, it will be imperative to establish a senior executive-level cybersecurity position with equal power to the CIO and CTO to level the playing field for resources and implementing more expertise into cyber-related decision making.
– Peter Rydzynski, Principal Threat Analyst