Expect a cybercrime feeding frenzy in 2022

Issue 1 2022 Information Security

South African CISOs are making cyber resilience a top priority again this year and with good reason: 2022 looks set to be a feeding frenzy for cyber criminals. All indications are that this year could set new records in terms of the volume and ferocity of cyber-attacks.

Doros Hadjizenonos.

FortiGuard Labs’ predictions for 2022 indicate that cyber attackers will be aggressively targeting fresh victims and attack avenues, with organisations scrambling to defend themselves from attacks on every front. Attacks will be launched on everything from crypto wallets to satellite services, from the core to the edge.

Research by FortiGuard Labs last year showed an almost 11x increase in the number of ransomware attacks between 2020 and 2021, with continued growth expected this year.

But the volume of attacks is not the only thing to be concerned about. Until fairly recently, most cyber-attacks have targeted known vulnerabilities, but there are now indications that cyber criminals are redoubling their efforts to find and exploit new vulnerabilities.

As the potential attack surface continues to expand, cyber criminals will be looking to target every possible attack vector, such as new hybrid networks and work environments, remote workers and evolving connectivity options and new business-critical applications being deployed in the cloud.

Fortiguard Labs predicts new exploits targeting satellite networks over the next year and has begun to see new threats targeting satellite-based networks, such as ICARUS, which is a proof-of-concept DDoS attack that leverages direct global accessibility to satellites to launch attacks from numerous locations.

FortiGuard Labs also sees new edge-based challenges emerging. As edge devices become more powerful, with more native capabilities and more privileges, Fortinet experts expect to see new attacks designed to 'live off the edge'. Malware living in these edge environments will use local resources to monitor edge activities and data and then steal, hijack, or even ransom critical systems, applications and information while avoiding detection.

Given the recent attacks on critical infrastructure, FortiGuard Labs also expects to see more cybercriminals targeting operational technology (OT) systems, with the emergence of highly specialised tools that are now being packaged as attack kits on the dark web for this purpose.

FortiGuard Labs also expects to see a spike in new attacks including Linux platforms, expanding the attack surface further, out to the network edge.

Because cybercrime is proving wildly lucrative, with the US Treasury's Financial Crimes Enforcement Network (FinCEN) reporting nearly $600 million in ransomware pay-outs in the first half of 2021 alone, the challenge will be compounded by the expanding crime-as-a-service market, with new criminal solutions likely to emerge, including phishing and botnets-as-a-service and an increase in the sale of access to pre-compromised targets.

Protecting your network

If your network and security tools are not ready to work as an integrated, proactive cybersecurity mesh architecture to protect your organisation from the next generation of threats now, tomorrow may be too late to make the critical changes you need.

A cybersecurity mesh architecture integrates security controls into and across, widely distributed networks and assets. Together with a Security Fabric approach, organisations can benefit from an integrated security platform that secures all assets on-premises, in the data centre and in the cloud or at the edge.

Defenders will need to plan ahead now by leveraging the power of AI and machine learning (ML) to speed threat prevention, detection and response. Advanced endpoint technologies like endpoint detection and response (EDR) can help to identify malicious threats based on behaviour. Also, zero-trust network access (ZTNA) will be critical for secure application access to extend protections to mobile workers and learners, while Secure SD-WAN is important to protect evolving WAN edges.

Organisations are also strongly urged to harden their Linux systems and OT environments, including adding tools designed to protect, detect and respond to threats in real-time. They also need to take a security-first approach when adopting new technologies, whether upgrading Windows systems or adding satellite-based connectivity, to ensure protections are in place before adding them to the network.

In addition, segmentation will remain a foundational strategy to restrict lateral movement of cybercriminals inside a network and to keep breaches restricted to a smaller portion of the network. Actionable and integrated threat intelligence can improve an organisation’s ability to defend in real time as the speed of attacks continues to increase.

Meanwhile across all sectors and types of organisations, shared data and partnership can enable more effective responses and better predict future techniques to deter adversary efforts. Aligning forces through collaboration should remain prioritised to disrupt cybercriminal supply chain efforts before they attempt to do the same.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

New ransomware using BitLocker to encrypt data
Technews Publishing Information Security Residential Estate (Industry)
Kaspersky has identified ransomware attacks using Microsoft’s BitLocker to attempt encryption of corporate files. It can detect specific Windows versions and enable BitLocker according to those versions.

Create order from chaos
Information Security
The task of managing and interpreting vast amounts of data is akin to finding a needle in a haystack. Cyberthreats are growing in complexity and frequency, demanding sophisticated solutions that not only detect, but also prevent, malicious activities effectively.

Trend Micro launches first security solutions for consumer AI PCs
Information Security News & Events
Trend Micro unveiled its first consumer security solutions tailored to safeguard against emerging threats in the era of AI PCs. Trend will bring these advanced capabilities to consumers in late 2024.

Kaspersky finds 24 vulnerabilities in biometric access systems
Technews Publishing Information Security
Customers urged to update firmware. Kaspersky has identified numerous flaws in the hybrid biometric terminal produced by international manufacturer ZKTeco, allowing a nefarious actor to bypass the verification process and gain unauthorised access.

Responsible AI boosts software security
Information Security
While the prevalence of high-severity security flaws in applications has dropped slightly in recent years, the risks posed by software vulnerabilities remain high, and remediating these vulnerabilities could hinder new application development.

AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

A strong cybersecurity foundation
Milestone Systems Information Security
The data collected by cameras, connected sensors, and video management software can make a VMS an attractive target for malicious actors; therefore, being aware of the risks of an insecure video surveillance system and how to mitigate these are critical skills.