2021 was an eventful year for cyber security professionals.
We saw major ransomware attacks affecting critical points in the supply chain, such as oil pipelines and meatpacking plants. We witnessed sophisticated data incidents like the one that compromised Fidelity, a major global financial firm, along with boutique trust services firms like Asiaciti Trust. And we saw a lot of the “same old, same old” cyber security incidents. “Web 1.0” threats like phishing and “Web 2.0” follow-ons like social media spoofing aren’t going anywhere.
In 2022, we expect these threats to stick around. In fact, as technology improves and the bad guys grow bolder, we expect them to become even more pervasive and problematic. As potential victims, you and your organization need to understand the nature of these threats and what you can do to avoid them.
“Triple Extortion Ransomware” Will Threaten More Businesses
It sounds scary, and it can be — at least, for organizations and individuals that don’t take steps to protect themselves. Triple extortion ransomware combines a standard ransomware offensive with a negotiating “stick”: a distributed denial-of-service (DDoS) attack targeted at victims that don’t pay up right away.
The threat of this “stick” may be present in the original demand, but don’t bet on it. You might not know you’re being targeted by a triple extortion event until the DDoS attack begins.
Ransomware’s Supply Chain Risk Will Increase
2021 was the year that ransomware — the regular kind — “grew up.” The incidents that affected JBS, a major meatpacking firm, and Colonial Pipeline, an oil and gas company that delivers a significant amount of the U.S. East Coast’s supply, showed that ransomware can have major impacts on critical infrastructure and the supply chain.
Unfortunately, we can’t control when “upstream” enterprises are targeted by ransomware, nor direct their responses. Organizations concerned about their vulnerability to events elsewhere in the supply chain must instead work to become more resilient and less reliant on “single points of failure.”
Basic Password Hygiene Is No Longer Enough
Two-factor authentication (2FA) is now the minimum acceptable security protocol in business applications. The risk that a particular password can be guessed or stolen is simply too high to bear, especially in an era of rampant ransomware. If your organization doesn’t yet use 2FA, implement it immediately and communicate the urgency of the change up and down the chain of command.
Increasingly Aggressive Zero Day Exploits Will Threaten Personal and Corporate Devices
Zero day exploits take advantage of vulnerabilities that exist in computing hardware, software, and platforms (such as operating systems) from the production date onward. It’s helpful to think of these vulnerabilities as manufacturing defects, although this isn’t quite right; a manufacturing defect can’t necessarily be used for malicious ends.
Unfortunately, defending against zero day exploits is difficult, and detecting intrusions that exploit them often isn’t possible. (To be sure, this is the case with many cyber events; the incident that affected Asiaciti Trust left no signs of digital intrusion, for example.) Awareness is key, as is proactive coordination with the relevant developers and manufacturers to address problems once they’re discovered.
Malicious AI Will Get Better at What It Does
In the old days, phishing emails and spoofing campaigns were written or directed by real humans. Today, they’re just as likely to be perpetrated by artificial intelligence. And while the human “bad guys” still have an edge over the machines, the gap is closing. Eventually, AI will be better at convincing people to part with passwords and other sensitive data than people themselves.
Physical and Location Security Will Matter Again
As professional workers return to centralized workplaces, the bad guys will have more opportunity to exploit these high-value targets. And as the persistence of the insider threat makes clear, many of those bad guys may already have access to the physical nodes and storage media that remote actors would target anyway.
It’s safe to assume that in 2022, we’ll hear more about “digital” incidents involving physical theft. Organizations can prepare now by shoring up their physical defenses and refreshing employees and contractors on the importance of data hygiene during travel.
Never a Dull Moment in Cyber Security
The cyber security landscape evolves by the week. For all the talk of sophisticated, large-scale incidents of the sort that affected global firms like JBS, Colonial Pipeline, and Asiaciti Trust in 2021, most of the risk turns on smaller, cruder operations — spammers, scammers, and others looking to turn a quick profit.
That’s not to say organizations shouldn’t be on their guard for more sophisticated, major threats as well. In a dispersed, multifaceted security environment, it’s important to take every risk seriously, no matter how remote it seems. And with threats poised to multiply and grow smarter in 2022 and beyond, the time to prepare is right now.