The cyber risk landscape changes quickly. In the last few years we’ve seen a rise in the number of ransomware attacks, and the end of 2021 was marked by the Log4J vulnerability. As data stacks get bigger and more difficult to defend, you may be wondering what threats are on the horizon in 2022.
Based on what we’ve seen so far, the coming year’s risks are likely to be fairly familiar. Most of 2022’s developing threats have been shaped by the ones that we’ve seen in previous years. Alex Heid, Chief Research & Development Officer at SecurityScorecard, joined Terry Sweeney from BlackHat for a Fast Chat on his predictions for 2022. Here’s what we see as some of the biggest threats in 2022.
What cyber threats can you expect in 2022?
1. Third-party vulnerabilities will continue to be top of mind
Vulnerabilities within third-party libraries are going to be a headache for organizations for some time. We saw this happen with the Log4J vulnerability recently; since it was discovered in December of 2021, it’s been widely exploited.
Third-party vulnerabilities are, unfortunately, linked to some of the other threats we’re likely to encounter in 2022. The deployment of ransomware as a payload, for example, has gone hand in hand with third party vulnerabilities; criminals — including known ransomware groups and nation-state threat actors — have used Log4J to install ransomware on cloud based servers.
2. Ransomware is not going away
Ransomware itself is unlikely to go away in 2022, for a pretty straightforward reason: criminals have seen that some companies are willing to pay ransoms. For the most part, criminals are looking for the biggest, simplest payday. Since ransomware has so far provided that for them, they’re likely to keep using it to exploit organizations. State-sponsored cyberterrorists have also seen the profits ransomware can generate, and we’ve seen governments beginning to use ransoms to fund black ops.
3. Organized crime and nation-state actors are joining forces
Many of the threats above come from either organized crime groups or Advanced Persistent Threat actors, such nation-states or state-sponsored groups. However, we’re already starting to see some crossover between those two groups. In some cases, a criminal may have been caught and made to work for the government, while in others the government may have partnered with organized crime from the beginning.
While a global cyberwar may seem like it should involve only state actors, innocent bystanders, like your business, very well may get caught in the crossfire. Because private organizations and government agencies all share a common cloud infrastructure, when those cloud hosting services are targeted by state actors, companies are likely to be collateral damage. This is something we’ve seen already, but we expect to see more of it in the near future.
While this is a concerning development, it has created opportunities for governments and businesses to work together to harden their cybersecurity. Specifically, the World Economic Forum has created cyber resilience resources for the public and private sectors that will help both prepare for cyber attacks.
What can companies do to protect themselves?
As attackers change their strategies and double down on the ones that have been working for them, organizations are likely wondering what they can do to keep their data and infrastructure safe. The unfortunate fact of the matter is that if you’re on the Internet long enough, you’re going to be attacked. The best thing you can do as a company is to make yourself the least profitable target possible.
This can be achieved through continuously monitoring your risk profile. Most of the companies who have been successful in fending off data breaches have engaged in continuous monitoring, continuous mitigation, and continuous threat intelligence. This doesn’t mean checking the threat landscape once in a while, but dedicating resources to continuous surveillance of potential vectors of attack and your own risk profile, and continuously using that information to improve your security posture.
SecurityScorecard helps organizations understand their risks by continuously and non-intrusively collecting data across the internet. The platform categorizes every digital asset made available or discoverable by an enterprise while easy-to-understand A to
F ratings enable any organization to easily understand its own security posture as well as the risks associated with its suppliers, such as cloud vendors.
Security can feel like a game of cat and mouse, but no matter what challenges this year brings, knowing your own vulnerabilities is the first step to avoiding a breach. Claim your Scorecard today to get started and protect your organizations from digital risk in 2022.