Cyber Security In 2022

In 2020, I published an AT&T blog called “Top Cybersecurity Trends & Predictions for 2020”. In the article, I forecasted that cybersecurity would become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches would continue to rise.

Also, I forecasted that threat actors, especially state-sponsored ones, and criminal enterprises would take advantage of the expanding cyber attack surface by using their resources to employ more sophisticated means for discovering target vulnerabilities, automating phishing, and finding new deceptive paths for infiltrating malware.

The rash of high-profile breaches such as SolarWinds, Colonial Pipeline, Kaseya, and others proved those 2021 predictions to be accurate. In fact, “the number of publicly reported data compromises in the U.S. through September of 2021 has already surpassed the total number of compromises in 2020 by 17%, according to the Identity Theft Resource Center (ITRC).”

As we near 2022, the cyber threat landscape remains just as ominous. The continued challenges of protecting critical infrastructure and the supply chain, and the ever-present task of finding qualified cybersecurity workers to fill scores of vacant roles in corporations and government, that I forecasted are still issues for the coming year.

I have divided my 2022 predictions into two categories: Strategic and Tactical. Strategic perspectives provide a glimpse of what cyber-trends will be pervasive, and tactical focuses on what technical and policy remedies will need to be prioritized by CISOs, CIOs, and their IT shops.

Strategic Forecast

Ransomware: In 2022, ransomware attacks will continue at an alarming pace and will be more targeted. For hackers, soft targets for ransomware extortion are plentiful, especially in the healthcare, financial, and manufacturing industries. We can expect to see more such attacks because the vulnerabilities in many networks remain open and accessible to hackers and because many victimized companies are still paying ransoms.

Ransomware is not new; it has been around for decades. A variant of ransomware called “WannaCry” spread swiftly in 2017 and 2018, reaching over 100 countries and infecting over 200,000 computers. Ransomware is more favored by hackers nowadays because they can get paid in cryptocurrencies that are hard to trace. Because of the prevalence of ransomware attacks, the U.S. government created a Ransomware and Digital Extortion Task Force, run by the Department of Justice (DOJ), to help track cyber attacks and digital extortion schemes and combat them.

OT/IT and IoT convergence: The scale and frequency of cyber attacks against critical infrastructure continue to grow. 2022 will be more of the same. Digital connectivity driven by the adoption of the industrial internet of things and operational technology (OT) has further expanded the attack surface. IT/OT/ICS supply chains in critical infrastructure can be particularly vulnerable because they cross-pollinate and offer attackers many points of entry, and because older legacy OT systems were not designed to protect against cyber-attacks.

In recent years, hackers and nation state adversaries have gained a deeper knowledge of industrial control systems, how they can be attacked, and how weaponized malware can be deployed. Weaponized malware is a genuinely concerning and real threat to critical infrastructure. The firm Gartner Inc. projected deaths due to a cybersecurity threat weaponizing industrial facilities by 2025.

The firm sees the cost of attacks that cause fatalities reaching $50 billion per year. 

Also, in previewing the vulnerabilities of both hardware and software networks, Internet of Things (IoT) devices will continue to present special security challenges to CISOs as the number of devices connected to networks expands in Malthusian ways. By 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average. That also amounts to trillions of sensors connecting and interacting on these devices.

IoT complexity magnifies cyber risk, and the lack of visibility to determine whether a device has been compromised is challenging and will present more attack vectors for hackers.

Critical Infrastructure & Space: The New Frontier

As Elon Musk, Jeff Bezos and William Shatner can attest, space is indeed the new frontier. A large part of our communication capacity as a civilization is becoming increasingly dependent on satellite relays and monitoring. With that comes cyber-risk. The national security community believes that satellites could be targeted by cyber-attacks to disrupt communications or information streams vital for commerce and security.

Many networks are now changing from terrestrial (land) based communications to the cloud, taking advantage of satellites to move data over large, international distances. There are more satellites circling in low Earth orbit than ever as launch costs have fallen significantly, which has created more targets and thus a wider attack surface for hackers to potentially attack, both in space and at land-based control centers.

I agree with Samuel Visner, technical fellow at MITRE, who says that “space systems should be a designated critical infrastructure. That would include launch systems, manufacturing plants, on orbit satellites and ground-based communication systems.” There are many capable nation state threat actors who have the capacity to do damage to space infrastructure, and it could happen very soon.

Tactical Forecast

  • Industry and organizations will continue to move to Cloud, Hybrid Cloud and Edge Platforms to better optimize and secure data. This is a process that has been happening over the past several years. It will still be a major focus of budget spend for 2022.
  • Updating of legacy systems and assimilation of emerging technologies such as 5G and artificial intelligence into security platforms will be prioritized. There are many shiny new toys and tools for cybersecurity operators. The challenge will be knowing how to best orchestrate those tools and understanding what is available to best mitigate industry-specific threats.
  • OT and IT convergence and vulnerabilities will need to be addressed. Security by Design: OT and IT networks for industrial systems will need to be designed, updated, and hardened to meet growing cybersecurity threats. Security by design will require building agile systems with operational cyber-fusion between OT and IT to be able to monitor, recognize, and respond to emerging threats.
  • More attention will be applied to Zero Trust risk management strategies. There will be more of a focus on vulnerability assessments and securing code from production throughout the life cycle. Zero trust will become more of a prevailing theme for government agency cybersecurity too.
  • Protecting supply chains is still an area of key focus for CISOs. Sophisticated ransomware groups like REvil and Darkside were particularly active in 2021 against such targets. According to Microsoft, the SolarWinds hackers are already attacking more IT supply chain targets (“SolarWinds hackers attacking more IT supply chain targets”, techtarget.com). The security challenge comes down to understanding what is connected in the supply chain landscape, knowing how to best protect the most important assets, and effectively implementing strategies for mitigating and remediating security incidents and breaches.
  • More automation and visibility tools will be deployed for expanding protection of remote employee offices, and for alleviating workforce shortages. The automation tools are being bolstered in capabilities by artificial intelligence and machine learning algorithms.
  • Cyber security will see increased operational budgets because of more sophisticated threats and consequences of breaches (and especially ransomware) to the bottom line. Cybersecurity becomes more of a C-Suite issue with every passing year as breaches can be disruptive and devastating for business.

There are dozens of other predictions I could add to the forecast, and I only highlighted several of the most pertinent ones. There are news items on cyber threats and incidents published every week.

As a society on the verge of unparalleled exponential connectivity, we are entering uncharted digital territory in 2022. New risks and unforeseen issues will no doubt confront us. Certainly, security teams will have many responsibilities and tasks at hand to address in the coming year.

Sources: ATT, Forbes, Money, Space News, CPO Magazine, ITRC, iot-analytics, HSToday, Techtarget

Chuck Brooks is a renowned and globally recognized thought leader and evangelist for Cyber Security and Emerging Technologies. This article was first published by AT&T.
