In a few hours, we will have left 2021 behind us and find ourselves at the beginning of 2022. 2021 was marked by many security incidents and successful cyberattacks as well as ransomware infections. What do enterprises need to do to be prepared for cyber threats in 2022? Michael Sentonas, chief technology officer at CrowdStrike, has compiled five cybersecurity predictions for 2022, which I publish below for your information.
"Extortion economy" and ransomware
Over the past year, we've seen an increase in ransomware models with double extortion. In these schemes, the attackers demand a ransom to decrypt the data and an additional ransom to keep it from being shared or sold. We expect the extortion/exfiltration side of ransomware to reach an even higher level of sophistication in 2022, possibly with a shift away from encryption to a sole focus on extortion.
Meanwhile, an entire underground economy has developed around data exfiltration and extortion. Data-shaming websites are mushrooming, providing ransomware groups with a platform to publish and auction stolen data for which ransom is demanded. These ransomware groups are constantly evolving their entire infrastructure of tactics, techniques and procedures (TTPs) to exfiltrate and sell data even more effectively. Even if threat actors cannot leverage their ransomware beyond encryption, they will look for other ways to gain access to the data and sell it for profit. Anyone hit by a ransomware attack today can expect to be doubly extorted.
Secure your containers
The last few years have seen an explosion in the number of containers and container-based solutions. With the exponential rise of containers, we have naturally seen a similar rise in threats targeting containers. However, security for this innovative technology has not quite caught up yet, as we continue to see it deployed without proper security measures.
This makes rapid deployment through containers a double-edged sword. The lack of vulnerability and misconfiguration checks, as well as the disparate teams involved in container deployment, contribute to a lack of security across the board. Attack surfaces are constantly changing, and threats to container deployments are growing exponentially. As a result, containers are becoming a potential attack vector for organizations that do not recognize security as a key component of container deployments.
Attackers are targeting supply chains
As recent high-profile attacks over the past year have shown, supply chains are very much on attackers' radar as an easily accessible attack vector. According to the 2021 CrowdStrike Global Security Attitudes Survey, more than three in four respondents (77%) have been the victim of a supply chain attack, and 84% of respondents fear that the supply chain will become one of the biggest cyber security threats in the next three years.
While attacks on supply chains are not necessarily new per se, the recent increase in these types of attacks has effectively let the cat out of the bag. Supply chains are vulnerable, and attackers are actively looking for ways to exploit that. In 2022, the end of these attacks is likely still a long way off, and the impact of each is significant not only for the victims, but also for the victims' customers and partners throughout the chain.
China's increased cyber activities against the APJ region
Geopolitical tensions between China and other APJ countries have continued to escalate and have extended to the cyber world. China-based attackers remain active, targeting healthcare, defense, and other industries in APJ countries in support of their 14th Five-Year Plan, the Belt and Road Initiative (BRI), Made in China 2025, and other economic strategies.
The 2022 Beijing Winter Olympics could very well be a powder keg for nation-state cyber activity. It is likely that even hacktivists will enter the scene to launch disruption and disinformation campaigns. Nation-state leaders will need to step up their collaboration with the private security sector to stay ahead of potential threats in the wake of the Olympics and prevent major security breaches early in 2022.
Zero-day vulnerabilities cause "patch panic"
The year 2021 was a particularly difficult one for customer confidence in legacy vendors. Last year, security vulnerability after security vulnerability was exposed, leading to devastating attacks that will not stop in 2022. For example, 63% of respondents to CrowdStrike's 2021 Global Security Attitudes Survey admitted that their company is losing confidence in traditional IT vendors like Microsoft due to the increase in attacks.
Zero-day vulnerabilities, in particular, will continue to put security teams at these vendors into "patch panic" mode as they desperately try to react and respond to these threats. This will inevitably drive an even bigger wedge between incumbent vendors and their customers, as the latter will look for solutions to help them proactively defend against the latest frontline threats.