Biggest cybersecurity challenges to watch out for in 2022

2022-01-25 10:59

Reports

Biggest cybersecurity challenges to watch out for in 2022

Insurance Business 

The past two years have been marked by rapid acceleration in digital transformation among businesses and organizations worldwide brought about the disruption caused by the COVID-19 pandemic – a trend that experts expect to continue in 2022. However, these experts also foresee new and evolving cybersecurity challenges, which will prompt many companies to implement innovative measures to protect themselves from damaging attacks.

“Homeworking, the ongoing digitization of society, and the increasingly online nature of our lives mean opportunities about for phishers, hackers, scammers, and extortionists,” wrote renowned author and business and technology advisor Bernard Marr in a piece for Forbes Magazine. “As we head into 2022, there is, unfortunately, no sign of this letting up. This is why it’s essential for individuals and businesses to be aware of the ever-growing avenues of attack as well as what can be done to mitigate the risks.”

Kev Eley, vice-president of sales for Europe at Colorado-based security intelligence firm LogRhythm, also noted how businesses need to enhance cyber protection with the quick transition to digital adoption likewise expanding “the [cyber] threat surface.”

 

“2022 is going to be a year of building greater resiliency and integrating this into all aspects of business operations,” he wrote in an article for independent information security website Help Net Security. “This will require organizations of all levels to review how they are responding to a larger scale of sophisticated threats.”

Read more: Cyber security 101: How businesses can mitigate their risks for 2022

With cybersecurity remaining a top priority among businesses this new year, cybersecurity experts also laid down the biggest cyber challenges companies and other organizations are set to face. Here are some of them:

1. A rise in supply chain attacks

Joanna Burkey, chief information security officer at tech giant Hewlett-Packard (HP), noted that supply chain attacks would continue to present new opportunities for cybercriminals this year.

“With the Kaseya breach – which impacted over 1,500 companies – we saw that supply chain attacks can be financially rewarding,” she told UK-based risk management news and information website Continuity Central. “This could lead to the continued commoditization of the tactics, techniques, and procedures (TTPs) used to conduct such attacks. This only adds fuel to the fire, giving threat actors more than enough motivation to exploit software supply chains [in 2022].”

American-Japanese IT security solutions provider Trend Micro, meanwhile, pointed out how economic shortages and disruptions would pave the way for threat actors to “strong-arm targets for big payouts.” 

“We predict access-as-a-service (AaaS) brokers will take special interest in gaining residence and selling it to the highest bidder,” the company wrote in an article posted on its website.

This firm also warned businesses to keep an eye out for the rise of the “quadruple extortion model,” consisting of “holding the victim’s critical data, threatening to leak and publicize the breach, threatening to target their customers, and attacking the victim’s supply chain or partner vendors.”

Read more: Real threat businesses can no longer ignore

2. The evolution of ransomware attacks

Trend Micro predicts ransomware will continue to evolve and remain prevalent this year, adding that it sees two trends emerging – “modern ransomware will become increasingly targeted and prominent” and “ransomware operators will use more complex extortion tactics such as exfiltrating data to weaponize it.”

“Commonly used attack vectors like VPNs, spear-phishing emails, and exposed RDP ports will remain in play, but we predict the cloud will become a bigger target as more companies continue to migrate their data,” the company added. “Specifically, cloud and data center workloads will be the main playground for ransomware actors, due to an increased attack surface from less-secure homeworking environments.”

Marr, meanwhile, expressed concern about the rise in ransomware attacks targeting critical infrastructure, which poses a grave threat to people’s lives.

“Worryingly there has been an increase in these types of attacks targeting critical infrastructure, including one at a water treatment facility that briefly managed to alter the chemical operations of the facility in a way that could endanger lives,” he wrote. “Other ransomware attacks have targeted gas pipelines and hospitals.” 

Extortion methods could also extend beyond the victim, said Alex Holland, senior malware analyst at HP.

“Ransomware operators will almost certainly intensify the ways they pressure victims into paying their demands,” he told Continuity Central. “Beyond data leak websites, attackers are using increasingly varied extortion methods, such as cold calling, and contacting customers and business associates of victim organizations.”

Read more: Revealed: cybercriminals' top method for ransomware attacks

3. “Weaponization” of firmware attacks

According to experts at HP, firmware security is often neglected by businesses, with many implementing “much lower levels of patching.” This has resulted in firmware becoming a fertile ground for cyber threat actors to “gain long-term persistence or perform destructive attacks.”

“In the last year, we’ve also seen attackers performing reconnaissance of firmware configurations, likely as a prelude to exploiting them in future attacks,” Ian Pratt, global head of security for personal systems, told Continuity Central. “Previously these types of attacks were only used by Nation State actors. But in the next 12-months the TTPs for targeting PC firmware could trickle down, opening the door for sophisticated cybercrime groups to weaponize threats and create a blueprint to monetize attacks.”

“Certain industries where these attacks could be more probable should start thinking about the risks posed by the weaponization of hardware-level malware and exploits,” cautioned security advisory board member Robert Masse. “They are very difficult to detect even in the best-case scenario. Rogue processes and memory mapping bypasses will be hot topics in 2022, and we can also expect to see threat actors targeting CPUs, the BIOS and microcode as part of a revised kill-chain for ransomware attacks.”

4. Personalized phishing tactics

Eley also sees increased customization and personalization in the phishing methods used by cybercriminals this year.

“Organizations have increased staff training and awareness as phishing scams have become more of a common occurrence,” he wrote. “As a result, users now have greater vigilance and can detect the most common phishing scams. To overcome this, attackers are evolving their strategies to make their attempts appear more authentic.”

Eley added that phishing attacks would take a more sophisticated form in 2022. Instead of relying on the usual tactics, he noted how attackers would develop new ways “to leverage more customized and personalized attacks based on intelligence gained from social media outlets,” with these enhanced personal attacks harder to distinguish from genuine communications.

But with many organizations shifting to hybrid work, Michael Howard, head of security and analytics practice at HP, told Continuity Central that exposure to phishing attacks would continue to be a major issue.

“Every single employee remains a target for attackers, with the volume of unmanaged and unsecure devices creating a huge attack surface to defend,” he said.

Read more: How to stop phishing emails turning into a catastrophe

5. New avenues for cyberattacks

Trend Micro expects cybercriminals to explore new technologies such as Java, Adobe Flash, and WebLogic to gain access to confidential information. The company also sees threat actors mimicking development, security, and operations’ (DevSecOps) “shift left” approach by targeting the source of an organization’s infrastructure.

“We’ll see more malicious actors compromising DevOps tools and pipelines to target supply chains, Kubernetes environments, and infrastructure as code (IaC) deployments,” the firm wrote. “Since developers’ tokens and passwords hold the key to an organization’s operations, using their credentials helps attackers stay under the radar while penetrating multiple layers of an enterprise’s network.”

Read more: Are your clients making the most of the cloud to spread their risk?

6. New risks brought about by 5G

With more businesses looking to invest in 5G technology to enhance connectivity capabilities, Eley said that 5G adoption would enable companies to create “new value from existing core network assets and put their businesses on the digital transformation roadmap.”

However, he pointed out that 5G’s implementation comes with its own share of “challenges and complexities.”

“With 5G accelerating the growth of the Internet of Things, threat actors can take advantage of vulnerable connections and compromise smart devices to infiltrate network infrastructure,” he wrote. “Organizations need to ensure they are protected from all 5G associated risk. Otherwise, they face losing out on the benefits of a connected future.”