Supply chain attacks and nation-state cyber warfare will continue to cause anguish for CISOs in 2022, says Check Point Software in its annual predictions blog.
Supply chain attacks will become more common, the security company said, which will lead governments to begin establishing regulations to address these attacks and protect networks. Governments will also look into collaborating with the private sector as well as with other countries to identify and target more threat groups operating on a global and regional scale.
Check Point also expects to discover more about the global impact of the Sunburst attack on the SolarWinds Orion network monitoring suite. “As investigations are still ongoing, security researchers will unveil some of the biggest questions regarding the attack: What were the attackers doing in these networks, and how did they benefit from the massive attack?”
“Supply chain attackers take advantage of a lack of monitoring within an organization’s environment,” the blog warns. “The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred, such as Codecov in April, and most recently, Kaseya. Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.”
Among other predictions:
—The cyber ‘cold war’ intensifies: The cyber cold war is intensifying, and taking place online as more nation-state actors push western governments and continue to destabilize society. Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated, widespread attacks. Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally;
—Attackers leverage vulnerabilities in microservices to launch large-scale attacks: The move to the cloud and DevOps will result in a new form of botnet. With microservices becoming the leading method for application development, and microservice architecture being embraced by cloud service providers (CSPs), attackers are using vulnerabilities found in microservices to launch their attacks. We can also expect to see large-scale attacks targeting CSPs;
—Penetration tool usage will continue to grow: Globally in 2021, one out of every 61 organizations was impacted by ransomware each week. Ransomware will continue to grow, despite the efforts of law enforcement to limit this growth globally. Threat actors will target companies that can afford to pay a ransom, and ransomware attacks will become more sophisticated in 2022. Hackers will increasingly use penetration tools to customize attacks in real time and to live and work within victim networks. Penetration tools are the engine behind the most sophisticated ransomware attacks that took place in 2021. As the popularity of this attack method grows, attackers will use it to carry out data exfiltration and extortion attacks.
“In 2021, cyber criminals adapted their attack strategy to exploit vaccination mandates, elections and the shift to hybrid working, to target organizations’ supply chains and networks to achieve maximum disruption,” said Maya Horowitz, vice-president of research at Check Point Software. “The sophistication and scale of cyber-attacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks. Looking ahead, organizations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones. To stay ahead of threats, organizations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks.”