Cyber Security In 2022

In 2020, I published an AT&T blog called “Top Cybersecurity Trends & Predictions for 2020”. In the article I had forecasted that cybersecurity would become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches would continue to rise.

I had also forecasted that threat actors, especially state-sponsored ones, and criminal enterprises would take advantage of the expanding cyber attack surface by using their resources to employ more sophisticated means for discovering target vulnerabilities, automating phishing, and finding new deceptive paths for infiltrating malware.

The rash of high-profile breaches such as SolarWinds, Colonial Pipeline, Kaseya, and others proved those 2021 predictions to be accurate. In fact, “the number of publicly reported data compromises in the U.S. through September of 2021 has already surpassed the total number of compromises in 2020 by 17%, according to the Identity Theft Resource Center (ITRC).”

As we near 2022, the cyber threat landscape remains just as ominous. The continued challenges of protecting critical infrastructure, the supply chain, and the ever-present task of finding qualified cybersecurity workers to fill scores of vacant roles in corporations and government, which I forecasted, are still issues for the coming year.

I have divided my 2022 predictions into two categories: strategic and tactical. Strategic perspectives provide a glimpse of what cyber-trends will be pervasive, and tactical perspectives focus on what technical and policy remedies will need to be prioritized by CISOs, CIOs, and their IT shops.

Strategic Forecast

Ransomware: In 2022, ransomware attacks will continue at an alarming pace and will be more targeted. For hackers, soft targets for ransomware extortion are plentiful, especially in the healthcare, financial, and manufacturing industries. We can expect to see more such attacks because the vulnerabilities in many networks remain open and accessible to hackers and because many victimized companies are still paying ransoms.

Ransomware is not new; it has been around for decades. A variant of ransomware called “WannaCry” spread swiftly in 2017 and 2018, reaching over 100 countries and infecting over 200,000 computers. Ransomware is more favored by hackers nowadays because they can get paid in cryptocurrencies that are hard to trace. Because of the prevalence of ransomware attacks, the U.S. government created a Ransomware and Digital Extortion Task Force, run by the Department of Justice (DOJ), to help track cyber attacks and digital extortion schemes and combat them.

OT/IT and IoT convergence: The scale and frequency of cyber attacks against critical infrastructure continue to grow. 2022 will be more of the same. Digital connectivity driven by the adoption of the industrial internet of things and operational technology (OT) has further expanded the attack surface. IT/OT/ICS supply chains in CI can be particularly vulnerable as they cross pollinate and offer attackers many points of entry, and older legacy OT systems were not designed to protect against cyber-attacks.

In recent years, hackers and nation state adversaries have gained a deeper knowledge of industrial control systems, how they can be attacked, and how weaponized malware can be deployed. Weaponized malware is a genuinely concerning and real threat to critical infrastructure. The firm Gartner Inc. projected deaths due to a cybersecurity threat weaponizing industrial facilities by 2025.

The firm sees the cost of attacks that cause fatalities reaching $50 billion per year.

In previewing the vulnerabilities of both hardware and software networks, Internet of Things (IoT) devices will also continue to present special security challenges to CISOs as the number of devices connected to networks expands in Malthusian ways. By 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average, and that also amounts to trillions of sensors connecting and interacting on these devices.

IoT complexity magnifies cyber risk and the lack of visibility to determine if a device has been compromised is challenging and will present more attack vectors for hackers.

Critical Infrastructure & Space: The New Frontier

As Elon Musk, Jeff Bezos and William Shatner can attest, space is indeed the new frontier. A large part of our communication capacity as a civilization is becoming increasingly dependent on satellite relays and monitoring. With that comes cyber-risk. The national security community believes that satellites could be targeted by cyber-attacks to disrupt communications or information streams vital for commerce and security.

Many networks are now changing from terrestrial (land) based communications to the cloud, taking advantage of satellites to move data over large, international distances. There are more satellites circling in low earth orbit than ever as launch costs have significantly lowered, which has created more targets and thus a wider attack surface for hackers to potentially attack both in space and at land-based control centers.

I agree with Samuel Visner, technical fellow at MITRE who says that “space systems should be a designated critical infrastructure. That would include launch systems, manufacturing plants, on orbit satellites and ground-based communication systems.” There are many capable nation state threat actors who have the capacity to do damage to space infrastructure and it could happen very soon. 

Tactical Forecast

  • Industry and organizations will continue to move to Cloud, Hybrid Cloud and Edge Platforms to better optimize and secure data. This is a process that has been happening over the past several years. It will still be a major focus of budget spend for 2022.
  • Updating of legacy systems and assimilation of emerging technologies such as 5G and artificial intelligence into security platforms will be prioritized. There are many shiny new toys and tools for cybersecurity operators. The challenge will be knowing how to best orchestrate those tools and understanding what is available to best mitigate industry-specific threats.
  • OT and IT convergence and vulnerabilities will need to be addressed. Security by Design: OT and IT networks for industrial systems will need to be designed, updated, and hardened to meet growing cybersecurity threats. Security by design will require building agile systems with operational cyber-fusion between OT and IT to be able to monitor, recognize, and respond to emerging threats.
  • More attention will be applied to Zero Trust risk management strategies. There will be more of a focus on vulnerability assessments and securing code from production throughout the life cycle. Zero trust will become more of a prevailing theme for government agency cybersecurity too.
  • Protecting supply chains is still an area of key focus for CISOs. Sophisticated ransomware groups like REvil and Darkside were particularly active in 2021 against such targets. According to Microsoft, the SolarWinds hackers are already attacking more IT supply chain targets. The security challenge comes down to understanding what is connected in the supply chain landscape, knowing how to best protect the most important assets, and effectively implementing strategies for mitigating and remediating security incidents and breaches.
  • More automation and visibility tools will be deployed for expanding protection of remote employee offices, and for alleviating workforce shortages. The automation tools are being bolstered in capabilities by artificial intelligence and machine learning algorithms.
  • Cyber security will see increased operational budgets because of more sophisticated threats and consequences of breaches (and especially ransomware) to the bottom line. Cybersecurity becomes more of a C-Suite issue with every passing year as breaches can be disruptive and devastating for business.

There are dozens of other predictions I could add to the forecast, and I only highlighted several of the most pertinent ones. There are news items on cyber threats and incidents published every week.

As a society on the verge of unparalleled exponential connectivity, we are entering uncharted digital territory in 2022. New risks and unforeseen issues will no doubt confront us. Certainly, security teams will have many responsibilities and tasks at hand to address in the coming year.

ATT:    Forbes:    Money:    Space News:    CPO Magazine:    ITRC:     iot-analytics:    HSToday:    Techtarget

Chuck Brooks is a renowned and globally recognized thought leader and evangelist for Cyber Security and Emerging Technologies. This article was first published by AT&T.
