2022 cyber security outlook: be aware, be prepared
Another year of landmark cyber attacks on critical infrastructure, gruelling supply chain challenges, and wiser-than-ever cyber criminals has passed, but certainly not without profound impact. Across industries, cyber security experts watched as bad actors grew more intelligent and learned to circumnavigate organisations’ existing protective measures. This sight was perhaps most arresting for mission critical solutions providers in the government, defence, utility, and industrial sectors.
As government and business leaders question how to defend their devices, data, and networks against mounting attacks, it’s important to consider the magnitude and scope of attacks will likely only evolve in 2022 – creating a more catastrophic impact from attacks than ever. World Economic Forum’s 2021 Global Risks Report forecasted that 39 per cent of industry leaders fear future cyber security failures will present critical threats to business and society.
It is clear connected devices in vitally important industries are vulnerable to attack. It is essential to be prepared for when – not if – they are compromised. With the alarm sounded in 2021, what should decision makers look out for specifically in 2022? Here are some predictions for the new year in cyber security, along with advice on how to address the ominous threats.
Attack origins will diversify
Attacks in 2022 will vary in origin – from insider sources compromised maliciously or simply through negligence to supply chain sources, to shadowy outsider groups funded either privately or by a nation-state looking to maintain plausible deniability for aggressive behaviour.
In addition to a diversification in attack origin, strikes will rise in severity too as hackers gain a greater understanding of their leverage and their targets’ vulnerabilities. As all criminals refine their attack strategies – from private ransomware-as-a-service (RaaS) outfits to seriously moneyed state-sponsored groups – the urgency to act before they do have never been greater. Organisations must be proactive in changing their defensive priority from attack detection to outcome prevention.
Scale up or pay up: massive ransom loss for unprotected data
As RaaS gangs learn victims are willing to pay staggering sums to maintain operations (and their reputations), ransomware projects to cause unparalleled financial losses in 2022. Unprotected data shared across the cloud to both edge devices and networks is ripe for the ransoming. An increased attack surface with more connected devices than ever has made this valuable data even easier to get, too, especially if hackers can insert themselves into such devices somewhere along the supply chain.
Reflecting on last year’s destructive SolarWinds and Kaseya VSA hacks, more ransomware groups are expected to exploit vulnerabilities in supply chains. It is crucial that across industries, connected devices are protected throughout the entire product lifecycle. This starts from the production line and carries throughout supply chain field operations and involves embedding cyber resiliency on OT and end-to-end from to IT infrastructure and cloud environments.
Patching will be punished by relentless AI-assisted attacks
Cyber criminals are always developing new tools to exploit new vulnerabilities, and while defenders attempt to stop them by using patches and network defences, it’s often not enough. Remembering the progression of attacks, it’s understandable that actors in 2022 are advanced enough to circumnavigating preventative measures that business leaders have historically placed their confidence in. The degree of intelligent behaviour from all attackers – internal, external, supply, chain, state-level, and beyond – is increasing to an unprecedented level. Attackers are tricking sensors and honey pots, leveraging self-learning AI and machine learning to analyse data, find new entry points, and constantly adapt to defeat insecure protection measures.
As more complex attacks emerge, continuous improvement to security measures and testing is essential to ensure that you’re always one step ahead of the attacker, and not the other way around. For the known vulnerabilities, performing penetration tests using the known attack vector can help you patch systems on a regular basis. For unknown risks, prioritising preventive security rather than detection solutions is equally important. Basic blocking and tackling and cyber hygiene practices like patching, net segmentation, regular scanning for shadow IT and vulnerabilities remain essential as well. From a leadership standpoint, using several security methods in different hardware and software levels to cover all bases. After all, effective cyber security strategy should be an adaptive, building-block approach, not a one-size-fits-all solution.
With increased digitisation impacting all aspects of life, cyber attacks will become increasingly ubiquitous and may impact all our activities across the most mission-critical industries. The threats facing critical industries will continue to expand as their networks do in the new year. Decision-makers must act immediately to evaluate and upgrade security approaches with an eye towards proactive outcome prevention rather than solely relying on reactive ‘hack and patch’ fixes. In 2022, organisational success and survival depends on it.
Written by David Stroud, head of Europe & APAC at NanoLock Security.