2021 wasn’t the best year for cybersecurity — if you pitted companies versus malicious hackers, hackers easily took the lead and seem to be in a prime position to repeat their success in 2022 unless things change.
Ransomware continued to impact thousands of companies, skyrocketing in 2021 despite having already shot up in 2020. With the Colonial Pipeline attack, we were able to see the reach and devastation these ransomware attacks could have.
The newest zero-day exploit, Log4j, sent companies and major third parties into a scramble, highlighting the risk involved with a distributed and connected environment that relies on a wide third-party vendor network.
Uncertainty only continues to build through 2022 as organizations struggle with COVID, its variants, and the risk that remote work and connected devices bring to a company looking to cope.
With 2022 on the horizon, what threats (and more) can security leaders expect to face?
The Colonial Pipeline attack won’t be the last to hit a critical infrastructure system. Nation-state attackers, emboldened by politics and the success of previous attacks, will likely target more critical infrastructures. On the other hand, hacker groups, seeing the possibility of a large payout, will look to target these infrastructures with ransomware, hoping the severity of the compromise leads to a fast payment.
The digital infrastructures that underpin the systems many companies rely on should also be on high alert. These include operating systems, cloud-based infrastructures, and major third parties/SaaS vendors. Hackers know that targeting these systems can impact thousands of companies and can lead them into other organizations and companies, depending on who the true target is.
Businesses of all sizes will have to invest in proactive threat hunting capabilities or turn to managed detection and response services that will help them spot an intruder and prevent a major compromise.
2021 continued the trend of increasing ransomware attacks and there’s not much reason for hackers to let up on that in 2022. Payments have never been higher and the newest player on the ransomware block, Ransomware as a Service, is likely to be used more often.
RaaS refers to a new service rolled out by major ransomware criminal groups where they will license their ransomware services and exploits to any group or organization with a target in mind. It makes ransomware attacks much more successful and harder to recover from.
While RaaS was initially offered by major hacker organizations, it won’t be just for the big boys anymore. We expect smaller groups to join and provide RaaS services, having seen how successful and lucrative it’s been.
While this means companies need to invest in more comprehensive cybersecurity tools and solutions, many cybersecurity organizations are making efforts in combating ransomware groups. Having worked alongside international law enforcement departments, Bitdefender released a decryptor for a popular RaaS organization, saving companies millions in ransomware payments.
Our security research experts have observed an “Increased usage of zero-day exploits in certain targeted attacks,” noting that in 2021 alone, there was an increase in zero-day exploits across all major platforms such as Chrome, Exchange, Office, Windows 10, and iOS.
Log4j was the most visible of these exploits and we expect that similar zero-day exploits are likely to be discovered in 2022. Bad actors know that major third-party vendors are key targets because so many organizations depend on these vendors.
This also gives malicious actors more time to exploit affected organizations. The vendors directly impacted by these zero-day exploits will have to detect the vulnerability, develop the fix, and deploy the updates, passing on the responsibility to dependent organizations. If these companies don’t have the right vulnerability management system or strategy in place, they may be vulnerable for weeks or months, which is ample time for a hacker to exploit a known vulnerability.
Ultimately, these types of zero-day vulnerabilities will test impacted companies’ vendor visibility and their ability to update their relevant tools and systems.
Organizations’ adaptation to COVID only accelerated the ongoing digital transformation nearly all companies were undergoing. This doesn’t only refer to remote work, BYOD, and distributed workforces, but also to the adoption of IoT, which is expanding a novel attack surface many organizations aren’t prioritizing.
Many IoT tools and devices have been introduced with the rise in remote work. Think conference call cameras, Bluetooth mics, security cameras, connected printers, etc. These devices are hardly built with security in mind and often have known or easily discoverable flaws. So much so that our threat research team devotes a large part of their efforts towards discovering IoT vulnerabilities.
Other new technology will introduce even more opportunities for malicious hackers. Electric vehicles, primed to make a big impact in 2022, often rely on exploitable or vulnerable software. The rise of blockchain infrastructures, cryptocurrency and NFT exchanges, DeFi and Web3 might lead to a hotbed of fraud and attacks, especially against infrastructure providers who may not have the legal resources traditional banks have.
It has also created more incentives for hackers who can exploit a company purely for cryptomining and cryptojacking purposes, meaning companies may not even know that they have been compromised. As cryptocurrencies continue to experience more mainstream adoption, more hackers may see the benefits of hijacking a device for mining purposes.
There’s a lot to be aware of in 2022, and a lot to prepare for. If a security leader’s strategy is to continue what was done in 2021, they may be unknowingly exposing themselves to unnecessary risk. Leaders have to take a holistic view of their security posture and make sure they take a comprehensive approach to cybersecurity, understanding the tools, vendors, and key partners they may need to tap into in order to properly defend and prepare themselves.
Josue Ledesma is a writer, filmmaker, and content marketer living in New York City. He covers cyber security, tech and finance, consumer privacy, and B2B digital marketing.