It’s 2022. The world isn’t the same as it was just 10 years ago. Technology has progressed by leaps and bounds, and cyber security threats are bigger, more cunning, and more pervasive than ever before. The future of network security is daunting to ponder – even for experts who have spent their careers working in this field.
What the future holds for any industry is difficult to predict with absolute certainty. In security, it’s even more so because of the magnitude of ways in which today’s cyber attackers can attack a company and its customers.
In this blog post, we will examine what’s happening right now and what some experts predict for 2022.
1) Outsourced cloud services present a security risk
Many companies have come to rely on third-party cloud services, such as data storage and file handling. The problem here is that often these services are accessed through a single API key, which grants access to the entire infrastructure to a single user. Single password authentication is also problematic, and companies would do well to invest in an SSO password manager.
In a scenario where a cyber attacker gains access to one of these services, their ability to breach internal company networks will be significantly enhanced.
According to Kaspersky, this will pose an interesting attack vector to state actors and could be used in sophisticated espionage campaigns against governments and corporations. This will have a negative impact on how organizations use cloud services.
2) Ransomware operators will use methods that resemble APT attacks
The last few years have seen an explosion in the number of ransomware attacks, but as the security industry develops solutions to mitigate threats, so do attackers develop new techniques to bypass them.
Security experts have predicted that ransomware will evolve into a more sophisticated and persistent threat. Threat actors will utilize APT (Advanced Persistent Threat) methods to conduct targeted attacks on companies, rather than just sending out spam emails to individual customers. As these attacks become more sophisticated, attacks that leverage extortion against organizations will spread.
The “ransomware as a service” model – which means ransomware attackers will run attack campaigns on a subscription basis – will likely gain popularity among these extortionists. This model, and more importantly, the lack of a “permission model” that makes it so easy for cyber attackers to enter a network with the aim of accessing sensitive data, will significantly increase cyber security risks.
3) State-sponsored mobile hacks will fall into criminal hands
It’s widely known that state-sponsored entities have developed an extensive hacking infrastructure that targets their perceived adversaries in other nations, and use this infrastructure to attack mobile devices belonging to their enemies.
Perhaps the most infamous of these in 2021 was NSO Group Technologies, an Israeli technology firm known for developing Pegasus, a one-click mobile surveillance tool. Already news reports are circulating of Pegasus being used by malicious entities to target journalists worldwide.
Security experts have expressed concerns that state-sponsored surveillance and hacking tools will fall into the hands of cybercriminals and will ultimately lead to a significant increase in mobile security risks for citizens.
Mobile devices present a very enticing target to cybercriminals due to both the devices’ capabilities and the information contained in them.
4) Deepfake technology becomes weaponized
While malicious use of deepfake technology has long been a fear amongst security experts, 2022 may be the year those concerns become a reality. In 2020, criminals used deepfake technology to clone a company director’s voice and request a $35 million transfer from a Hong Kong bank.
Deepfake technology has been making leaps and bounds, and as it becomes increasingly sophisticated, it will likely be utilized by malicious actors in highly targeted attacks. The tools used by cybercriminals are becoming increasingly capable of fabricating realistic video and audio.
This has ramifications not only for cybersecurity but for politics and mainstream news as well. In a world where “fake news” is a major threat to democracies around the world, deepfake technology will only make the fight against “fake news” more complicated.
5) Malware hidden in legitimate software updates
The SUNBURST incident in 2020 showed that legitimate software updates are at risk from cyberattacks. Hackers were able to compromise SolarWind’s Orion IT monitoring software with an infected update, which was downloaded by over 18,000 computers.
The malware was also intelligently designed and would perform several steps to propagate itself to all the systems on the network. This included checking if it could successfully bypass a system’s security controls, and moving to the next level of attack.
This presents two cybersecurity concerns for 2022. The first is the development of intelligent malware itself, which can be used in highly targeted attacks without the need for massive stockpiles of zero-day vulnerabilities.
The second is the fact that the SUNBURST malware was delivered via legitimate updates, which means the attackers were able to embed the malware in upstream suppliers’ firmware. This could potentially open the door to malware that can avoid security controls, and which can spread further and faster.
What can be done to protect ourselves in 2022?
Numerous security firms, including Trend Micro, Watchguard Technologies, Kaspersky, Forcepoint, and others, have all made different and similar cybersecurity predictions for 2022. However, one belief shared in common are the techniques we should be utilizing to combat cybercrime, and defend ourselves from threats.
Security experts around the world agree that a comprehensive cybersecurity strategy in 2022 should entail:
- Zero Trust principles.
- Hardened server security.
- EDR and IoT device protection.
- A renewed focus on basic cybersecurity protocols.