Leading security vendors announce top 15 cybersecurity predictions to impact 202...

Monday, 13 December 2021 10:40

Leading security vendors announce top 15 cybersecurity predictions to impact 2022

By WatchGuard Technologies, Attivo Networks and LogRhythm

Carolyn Crandall, chief security advocate and chief marketing officer, Attivo Networks

GUEST OPINION: WatchGuard Technologies, Attivo Networks and LogRhythm have announced their leading cyber security predictions for 2022 supporting businesses understand where their next set of threats will be and to ensure enterprises remain in step ahead of these risks.

WatchGuard Technologies’ six top predictions for 2022 are as follows:

1. State-sponsored mobile threats trickle down to the cybercrime underworld

Mobile malware certainly exists – especially on the Android platform – but hasn’t yet risen to the same scale of traditional desktop malware. In part, we believe this is due to mobile devices being designed with a secure mechanism (eg, secure boot) from the start, making it much more difficult to create zero-touch threats that don’t require victim interaction. However, serious remote vulnerabilities have existed against these devices, though harder to find.

Meanwhile, mobile devices present a very enticing target to state-sponsored cyber teams due to both the devices’ capabilities and information contained in them. As a result, groups selling to state-sponsored organisations are mostly responsible for funding much of the sophisticated threats and vulnerabilities targeting mobile devices, such as the recent Pegasus mobile spyware. Unfortunately, like in the case of Stuxnet, when these more sophisticated threats leak, criminal organisations learn from them and copy the attack techniques.

Next year, we believe we will see an increase in sophisticated cybercriminal mobile attacks due to the state-sponsored mobile attacks that have started to come to light.

2. Spear SMSishing hammers messenger platforms

Text-based phishing, known as SMSishing has increased steadily over the years. Like email social engineering, it started with untargeted lure messages being spammed to large groups of users, but lately has evolved into more targeted texts that masquerade as messages from someone you know, including perhaps your boss.

In parallel, the platforms we prefer for short text messages have evolved as well. Users, especially professionals, have realised the insecurity of cleartext SMS messages thanks to NIST, various carrier breaches, and knowledge of weaknesses in carrier standards like Signaling System 7 (SS7). This has caused many to move their business text messages to alternate apps like WhatsApp, Facebook Messenger, and even Teams or Slack.

Where legitimate users go, malicious cybercriminals follow. As a result, we are starting to see an increase in reports of malicious spear SMSishing-like messages to messenger platforms like WhatsApp. Have you received a WhatsApp message from your CEO asking you to help him set up an account for a project he’s working on? Maybe you should call or contact your boss through some other communication medium to verify it’s really that person! In short, we expect to see targeted phishing messages over many messaging platforms to double in 2022.

3. Password-less authentication fails long term without MFA

It’s official. Windows has gone password-less! While we celebrate the move away from passwords alone for digital validation, we also believe the continued current focus of single-factor authentication for Windows logins simply repeats the mistakes from history. Windows 10 and 11 will now allow you to set up completely password-less authentication, using options like Hello (Microsoft’s biometrics), a Fido hardware token, or an email with a one-time password (OTP).

Though we commend Microsoft for making this bold move, we believe all single-factor authentication mechanisms are the wrong choice and repeat password mistakes of old. Biometrics are not a magic pill that’s impossible to defeat – in fact, researchers and attackers have repeatedly defeated various biometric mechanisms. Sure, the technology is getting better, but attack techniques evolve too (especially in a world of social media, photogrammetry and 3D printing). In general, hardware tokens are strong single factor option too, but the RSA breach proved that they are not undefeatable either. And frankly, clear text emails with an OTP are simply a bad idea.

The only strong solution to digital identify validation is multi-factor authentication (MFA). In our opinion, Microsoft (and others) could have truly solved this problem by making MFA mandatory and easy in Windows. You can still use Hello as one easy factor of authentication, but organisations should force users to pair it with another, like a push approval to your mobile phone that’s sent over an encrypted channel (no text or clear email). Our prediction is that Windows password-less authentication will take off in 2022, but we expect hackers and researcher to find ways to bypass it, proving we didn’t learn from the lessons of the past.

4. Companies increase cyber insurance despite soaring costs

Since the astronomical success of ransomware starting back in 2013, cyber security insurers have realised that payout costs to cover clients against these threats have increased dramatically. In fact, according to a report from S&P Global, cyber insurers’ loss ratio increased for the third consecutive year in 2020 by 25 points, or more than 72%. This resulted in premiums for stand-alone cyber insurance policies to increase 28.6% in 2020 to $1.62 billion USD. As a result, they have greatly increased the cybersecurity requirements for customers. Not only has the price of insurance increased, but insurers now actively scan and audit the security of clients before providing cybersecurity-related coverage. In 2022, if you don’t have the proper protections in place, including MFA on remote access, you may not get cyber insurance at the price you’d like, or at all. Like other regulations and compliance standards, this new insurer focus on security and auditing will drive a new focus by companies to improve defences in 2022.

5. And we’ll call it Zero Trust

Recently, a “modern” information security architecture has grown in popularity under the name of Zero Trust. A Zero-Trust approach to security basically boils down to 'assuming the breach.' In other words, assuming an attacker has already compromised one of your assets or users, and designing your network and security protections in a way that limits their ability to move laterally to more critical systems. You’ll see terms like 'microsegmentation' and 'asserted identity' thrown around in discussions on Zero Trust. But anyone that has been around for long enough will recognise this trending architecture is built on existing, long-standing security principles of strong identity verification and the idea of least privilege.

This isn’t to say Zero-Trust architecture is a buzz word or unnecessary. On the contrary, it is exactly what organizations should have been doing since the dawn of networking. We are predicting in 2022, the majority of organisations will finally enact some of the oldest security concepts all over their networks, and they will call it Zero Trust.

6. News of hackers targeting space hits the headlines

With renewed focus on the 'Space Race' and recent cybersecurity research concentration on satellite vulnerabilities, we believe a 'hack in space will hit the headlines in 2022.

Recently, satellite hacking has gained investigative attention from the cybersecurity community among researchers and at conferences like DEF CON. While satellites might seem out of reach from most threats, researchers have found they can communicate with them using about US $300 worth of gear. Furthermore, older satellites may not have focused on modern security controls, relying on distance and obscurity for defence.

Meanwhile, many private companies have begun their space race, which will greatly increase the attack surface in orbit. Companies like Starlink are launching satellites by the thousands. Between those two trends, plus the value of orbital systems to nation states, economies, and society, we suspect governments have quietly started their cyber defence campaigns in space already. Don’t be surprised if we see a space-related hack in the headlines one day soon.

Carolyn Crandall, chief security advocate and chief marketing officer at Attivo Networks has also provided the following five predictions for 2022:

1. Ransomware will make Active Directory protection a top CISO-level concern

Active Directory is an essential element of an enterprise’s network infrastructure, but it is intrinsically insecure and notoriously difficult to protect. Attackers are well aware of its weaknesses and diligently target AD to increase their privileges, escalate their attacks, and mass encrypt data for ransom. Active Directory exposures are named as the top reason why ransomware attacks continue to be successful. Business leaders and IT decision-makers cannot afford to let visibility and organisational divides leave exposures unaddressed and open for attack.

2. Supply chain issues are forcing enterprises to order supplies months in advance, in larger quantities, and from new providers

The lack of supply will add complexity to new vendor management and qualifications as organisations adjust their purchases, and potentially standards, to support business operations. This change will introduce new supply chain security risks that could arise from software, hardware, and logistics security exposures.

3. Deception technology will experience rapid mid-market growth

Cyber-attacks are steadily becoming the biggest threat to businesses of all sizes. While larger companies more commonly have the resources to implement defence in depth security measures, mid and small-size companies remain ill-equipped to defend against advanced attack techniques, forcing them to decide where and what to protect. As a result, in 2022, many of these companies will turn to deception technology as an efficient, cost-effective method to respond to internal and external threats. A high signal to noise alert ratio and Innovations in machine learning will make managing decoys and concealment attractive for under-resourced businesses. Additionally, with an increase in SaaS-based offerings, mid-level companies will be able to take advantage of benefits of deception technology in greater numbers.”

4. Ransomware defences must get a badly needed refresh

Ransomware 3.0 is here, characterised by double extortion, where cybercriminals not only encrypt files but also leak information online that can drastically impact everything from the company’s image, profits, and stock price. There’s no longer a one-size-fits-all approach to defending against these attacks. With over 300 variants, stopping ransomware requires a multi-faceted approach. One that starts with protecting Active Directory and privileged credentials. In 2022, organisations will be unable to keep up with understanding how each group operates and instead, will need to improve their visibility to exposures and add detection measures that are based on technique. Setting up traps, misdirections and speed bump lures along the way will also serve as strong deterrents to keep an attacker from being successful.

5. The debate will increase on whether ransomware should be classed as an act of war or espionage

Depending on the answer, which will likely be driven by the level of violence, death, and destruction, this can have implications for businesses related to whether insurance companies will use this as an opportunity to opt-out of ransomware reimbursements. There will also be more discussions in 2022 related to inadvertent terrorist funding and retaliation.”

Finally, Joanne Wong, VP of international marketing, APAC and EMEA at LogRhythm has also identified the following four predictions for 2022:

1. Zero Trust approach continues to gain traction amidst rising cyber threats

Businesses globally have had to accelerate their digital transformation journey and embrace a hybrid work reality over the past few months, and this trend is set to continue in the coming year. This means contending with even more vulnerabilities and security risks, which entails breaking away from conventional security approaches and adopting novel solutions.

Already, we have seen how the Singapore government has taken the first step in adopting a new Zero Trust cybersecurity approach across government applications and information technology systems. This will only extend across even more governments and private organisations, where everyone will take a step in the same direction and move towards Zero Trust – so they can maintain clear oversight over entire operations, adopting an 'assume breach' mindset and conducting verification at every step to mitigate any cyberthreats early on.

2. Growing adoption of 5G technologies increases cybersecurity risks

Asia Pacific has emerged as a frontrunner in the 5G race. Countries in the region – especially South Korea, China, Japan and Australia – have made significant progress in laying down the groundwork for their 5G network deployments. Come 2022, many will be looking to capitalise on the increased connectivity 5G technology offers to realise their digital transformation roadmaps and Smart City aspirations.

However, the growing adoption of 5G has also introduced new complexities to the current threat landscape. With 5G accelerating the push for the Internet of Things, cybercriminals can easily leverage insecure connections and hack into smart devices to infiltrate any networks for their own gain. Now more than ever, organisations will have to double down on their cybersecurity efforts and ensure that they are protected from all fronts. Otherwise, a successful cyberattack can easily undo progress made towards a 5G-enabled future.

3. Competition for top cybersecurity talent heats up

The digitalisation imperative will continue in the year ahead, and this brings with it new security challenges. We’ve already seen a growing spate of cybersecurity attacks in recent years, highlighting how critical a robust cybersecurity strategy is for organisations. However, many organisations are facing an acute shortage of IT talent, and this is most keenly felt across specialised fields like cybersecurity.

Businesses are facing an urgent need to close this cybersecurity talent gap and many are pulling out all stops to attract and retain top talent to address their cybersecurity needs. Faced with a sparse talent market, many are looking towards diversifying access to a wider talent pool and even providing on-the-job training to upskill existing employees. People are the key to an organisation’s success in digital transformation, and only when they can tap on this valuable resource to secure their digital assets can they reap the rewards of this new digital future.

4. Individuals, not infrastructure, will be top threats at the 2022 FIFA World Cup in Qatar

Qatar has made significant investments in cybersecurity ahead of the FIFA 2022 World Cup. Much of the travel and ticketing for the event have been digitised and are vulnerable to attack from cybercriminals. We predict that in addition to large-scale outages or organisational attacks, cybercriminals will also be targeting the large number of high-value visitors to the tournament. Organisers will be prepared to manage the large attack surface surrounding the tournament, but what about individuals?

Phishing and social engineering will be used to steal personal and financial information that criminals can monetise. We predict that promotional emails or fake websites related to World Cup from the travel and hospitality industries will be used to capture personal data and compromise individuals. Cybercriminals will recognise the work that Qatar has done to be prepared for the tournament and may focus on exploiting human nature rather than digital infrastructure.

PROMOTE YOUR WEBINAR ON ITWIRE

MORE INFO HERE!

INTRODUCING ITWIRE TV

SEE WHAT'S ON ITWIRE TV NOW!