Cybersecurity
Cyber Security Predictions for 2022
Normally, I am not a fan of year-end predictions, but as of late I have found them to be a good way to reflect upon what we have seen in terms of cyber security and what I expect to see for the future. As a CISO, I always want to make sure we have the correct people, processes, and technology in place to prepare for upcoming issues. These are some of the cyber security trends I see continuing and some of the emerging areas we are going to be watching in 2022.
Ransomware Attacks
These have only gotten worse, and we do not see them letting up anytime soon. They are an easy way to make money for criminals, and the risk of getting caught is fairly low. Law enforcement is starting to crack down on the more egregious attacks (think Colonial Pipeline), but that will only shift the criminals’ approach from one large attack to attacking multiple mid-size and small companies. The response from law enforcement is not as strong, and the payout is still pretty good.
Spear Phishing/Whale Phishing
We continue to see targeted attacks against specific people within companies. Typically, they want someone who has access to money. For example, if someone in accounts payable gets their email compromised, they will have their emails downloaded and their address book copied. The attackers will then try to convince vendors to route the money to a new bank, oftentimes successfully. They will also review the address book to see if they can spam someone in the address book to get their email compromised. This is what is currently happening, and many times they stop there. We expect to see an increase in ransomware on the users that have been compromised as the threat actors already have a foothold.
Flashy Attacks, but Fewer
We still expect to see flashy attacks that garner news headlines, but we expect those to be fewer. The organized criminals don’t benefit as much, as law enforcement focuses on those attacks. Criminal enterprises are more profitable when they go after easy targets and avoid legal issues.
Holidays and Weekends
Holidays and weekends have always been a good time to gain access to a company or an email system. We expect this to only increase. By Friday afternoon, most workers are checking out for the weekend, which gives an attacker two to three days in someone’s account if they can get in.
Network Appliances are “Hot”
It started this year, and we expect it more next year. Stand-alone network devices such as routers, firewalls, switches, etc. are not updated as often as servers and we are seeing more targeted attacks against them. Businesses don’t want to incur the downtime associated with updating them, and many internal IT engineers prefer not to update firmware on these devices due to the perceived risk.
Attackers Will Continue to Exploit the Pandemic
With people continuing to work from home, attackers will continue to try to exploit the situation. We expect criminals will continue trying to get new hires to buy gift cards. Oftentimes, new hires will get a fake email pretending to be the CEO asking to buy gift cards or other things. Since it isn’t as easy as leaning over to the next office or cubical to ask if this is normal, people will tend to just do as their “CEO” has asked – without asking questions. Also, since users are working from home, they might surf websites they normally wouldn’t in the office, thus opening up their work computer to malicious downloads, which in turn opens the organization up to ransomware.
The above cyber security predictions shouldn’t be a surprise to most who have watched what has been happening. These trends have been building, and the good news is there are a lot of things that a company can do to help protect themselves. A next-generation anti-virus solution can definitely help out on the ransomware front. A good spam filtering solution will help with email. Partnering with a trusted firm for 24/7 security monitoring is critical. As night and weekend attacks increase, you don’t want to be vulnerable during the times most attacks are happening. Also partnering with a firm that will update your appliances – so you have one less thing on your IT plate – will help keep your organization safer.
Thrive provides businesses with the tools to mitigate cyber attacks and protect valuable data in the event of a breach. MFA and cyber security incident response plans are useful and important, but they are just a few of the many tools available to bolster your organization’s security posture. Contact our experts today to discuss a plan to fully protect your most important assets.