As we emerge from the shadows of the pandemic, we realize that it has created a seismic shift in business and IT environments. Some changes may be rolled back as we settle into the “New Normal”, but a lot of the changes we adopted in response to the pandemic are here to stay. Digital transformation has accelerated in certain sectors with increasing cloud adoption, while many sectors have redefined their expectations and outcomes from digital transformation. One thing that has been amplified by digitization and cloud adoption is the level of cyber risk. Here is my take on the cybersecurity trends and predictions for 2022.
1. Supply chain attacks*
What started off in 2020 will likely continue in ferocity as threat actors go after vendors that have poor cybersecurity controls. By breaching the security of the vendor and embedding malware into the vendor’s digitally signed updates, threat actors gain access to the vast number of clients of these vendors. Businesses should assess their third-party vendors for such risks and verify their vendors’ cybersecurity controls.
*Watch this video to learn how supply chain attacks are carried out by blindsiding organizations and how they can protect themselves.
2. Increase in vishing & social engineering scams
As countries around the world tackle the Omicron or other worrisome variants of Covid-19, some are managing the pandemic well with high vaccination rates, but not all countries are on par. There are countries which are still in partial or full lockdowns and have been so for almost the last two years.
Human nature longs for social interaction. But when we are forced to isolate, to quarantine, to stay home, the next best alternative is to turn to social media. Many are sharing their whereabouts, intimate personal details, photos, not taking the precautions to protect their accounts. The longing for attention and interaction provides easy prey for scammers as I see a rising volume of vishing and social engineering scams.
Regular cybersecurity awareness training is a must for enterprises. Running phishing and vishing test campaigns will also help test organization and employee readiness in dealing with such attacks.
3. Ransomware becomes the next pandemic
Ransomware continues to evolve with “double-tap attacks”. Victims are extorted for their exfiltrated data as well as for their locked systems. Large enterprises that can afford solutions such as EDR, email security gateways, MFA, etc., will have better protection. But Small and Medium Enterprises (SMEs), many of which were badly affected by Covid-19, have difficulty affording these solutions. These SMEs are the vulnerable ones and will be increasingly at risk. Enterprises should look towards regulators for assistance and support, or in the context of Singapore, leverage IMDA’s PSG grant to subscribe to Managed Detection & Response services to protect themselves.
4. SASE
As companies transform their businesses through this pandemic cycle to evolve into a more digitized business model, there will most definitely be an increase in cloud adoption. However, many organizations are concerned about their ability to secure their cloud consumption. This will drive growing adoption of Secure Access Service Edge (SASE) to secure cloud access and virtual workloads. Adoption will not be easy, though, as there are prerequisites for success, for instance an acceptable use policy, a clearly defined cloud usage policy, etc. Enterprises should first develop a strong foundation and set of administrative controls before they embark on a technology implementation. After all, technology is merely one tenet of cybersecurity control.
5. Extended Detection and Response (XDR)
Vendors will continue to market their technology as the next shining XDR tool that will provide a unified threat detection and incident response platform for multi-source signal correlation. I believe there will be more of these motherhood claims. But the true XDR magic will not appear for at least a couple more years. More signals do not necessarily yield better efficacy. As long as there are “blind spots”, there will be gaps, and this is why it is important for enterprises to blend rule-based threat detection with user & entity behavioral analytics monitoring.
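To make the blind-spot point concrete, here is an added example (not from the original article or any vendor product) that runs a static rule and a per-user behavioral baseline over the same constructed login events. The event format, thresholds and alert names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample events: (user, hour_of_day, source_country, success)
HISTORY = [("alice", h, "SG", True) for h in (9, 9, 10, 10, 11, 9, 10, 8, 9, 10)]
HISTORY += [("bob", h, "SG", True) for h in (13, 14, 14, 15, 13, 14, 15, 14)]
TODAY = [("bob", 14, "SG", False)] * 5 + [   # burst of failed logins
    ("alice", 3, "RO", True),                # valid credentials, odd hour, new country
    ("alice", 10, "SG", True),               # ordinary login
]

FAIL_THRESHOLD = 5  # assumed rule: >= 5 failed logins for one user in one hour
Z_THRESHOLD = 3.0   # assumed: login hour > 3 standard deviations from the user's mean

def rule_alerts(events):
    """Static rule: count failures per (user, hour) and alert on a burst."""
    fails = Counter((u, h) for u, h, _, ok in events if not ok)
    return {("rule:failed-login-burst", u)
            for (u, _), n in fails.items() if n >= FAIL_THRESHOLD}

def build_baseline(history):
    """Per-user profile: mean/stddev of login hour and set of countries seen."""
    hours, countries = defaultdict(list), defaultdict(set)
    for u, h, c, ok in history:
        if ok:
            hours[u].append(h)
            countries[u].add(c)
    # Hours are treated linearly (no midnight wrap-around), a simplification.
    return {u: (mean(hs), pstdev(hs) or 1.0, countries[u]) for u, hs in hours.items()}

def behaviour_alerts(events, baseline):
    """Flag successful logins that deviate from the user's own history."""
    alerts = set()
    for u, h, c, ok in events:
        if not ok or u not in baseline:
            continue
        mu, sd, seen = baseline[u]
        if abs(h - mu) / sd > Z_THRESHOLD or c not in seen:
            alerts.add(("ueba:unusual-login", u))
    return alerts

def blended_alerts(history, events):
    """Union of both detectors: each covers the other's blind spot."""
    return rule_alerts(events) | behaviour_alerts(events, build_baseline(history))

if __name__ == "__main__":
    print(sorted(blended_alerts(HISTORY, TODAY)))
```

The rule fires only on the failure burst against bob; the 03:00 login for alice succeeds with valid credentials, so no failure-based rule sees it, and only the baseline comparison surfaces it.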
6. Securing cloud adoption
As the saying goes, you are only as strong as your weakest link. Many businesses that jump onto the cloud adoption bandwagon fail to realize that the configuration and controls of their cloud services must be thoroughly considered and tested. The 3Ms (Misconfiguration, Mistakes, and Mismanagement) will continue to be a grave error for many, causing data breaches. Businesses should consider benchmarking their cloud configurations against practices such as the CIS benchmarks.
7. Rise of cryptojacking
Bitcoin’s value was slightly more than $7K at the beginning of 2020. Within less than 2 years, its value has shot up by more than 8.5 times. Because units of cryptocurrencies such as bitcoin are nothing more than entries in a database, and cryptocurrencies are unregulated in any way, it is possible to turn computing resources into cryptocurrency coins through cryptocurrency mining. But this can be very resource intensive and costly to run.
Cryptojacking is a scheme that hijacks computing resources, without authorization, consent, or knowledge in order to secretly mine cryptocurrency at the victim’s expense. Therefore, it is increasingly critical for enterprises to protect their network perimeter and ensure they do not expose clear text protocols or RDP services publicly.
8. Cyber insurance fallout
Businesses that are under the illusion that cyber insurance is the answer to cyber threats will face the stark reality. Policy exclusions will expand and premiums are likely to rise as claims grow [1]. Many businesses will realize that they are not able to purchase cyber insurance again once they have made a claim. Risk transfer does not mitigate cyber risks, as it is merely an interim solution. It is necessary for businesses to seriously consider outsourcing their cybersecurity protection, detection, and defense, and to improve their overall security posture.
Protecting oneself from cyber threats isn’t a one-time action, nor is it just about protecting your network or applications. Preventing cyber risks requires a holistic strategy that encompasses educating your employees on cyber awareness, erecting defensive controls, establishing the necessary policies and risk assessments, ensuring cyber hygiene, and maintaining round-the-clock vigilance to be able to detect and respond to threats.
[1] Global Data (2021). More than one in 10 UK SMEs have cancelled their cyber insurance cover as the COVID-19 fallout caused many to cut costs. https://technology.globaldata.com/News/more-than-one-in-10-uk-smes-have-cancelled-their-cyber-insurance-cover-as-the-covid-19-fallout-forced-many-to-cut-costs_28764.