Predict 2022: Top Cybersecurity Threats for 2022

Two cybersecurity experts identified the top security threats for 2022 during an online Predict 2022 conference hosted by Techstrong Live, an arm of Techstrong Group, the parent company of Security Boulevard.

Both Mike Jones, host of the H4unt3d Hacker podcast and a former anonymous hacktivist, and Donovan Farrow, CEO of Alias Forensics, a cybersecurity forensics firm, agreed that ransomware will again be a dominant security issue in the coming year.

Ransomware attacks, however, will expand to include not just critical infrastructure like power grids and banking systems but also health care systems. There was already one death that directly resulted from a ransomware attack on a hospital, noted Jones.

The attacks are also becoming both more organized and more hostile, added Farrow. Advanced persistent threat (APT) groups are now working with cybercriminals who specialize in gaining access to networks or gathering intelligence as part of a two- or three-pronged attack, said Jones.

Ransom negotiations are also being handled by individuals who act as brokers for various ransomware gangs, he added. The going rate for ransom these days seems to be $6 million, mainly because of all the individual specialists now involved, said Farrow.

The challenge is that even when one of the ransomware gangs is taken down by law enforcement officials, another 15 copycats emerge to take its place, Farrow added. In many cases, patient cybercriminals take their time, sometimes observing how organizations operate for months before launching a ransomware attack, to ensure it has the most devastating impact possible, said Farrow.

While ransomware generates most of the cybersecurity headlines of late, Jones noted that malicious actors acting in support of a nation-state in the midst of geopolitical tensions will be a bigger issue in 2022. Supply chains might be especially vulnerable as cybercriminals look to target smaller companies that are part of a larger company’s supply chain, he noted. The top threat, however, may be to food and water supplies—which could result in everything from major disruptions to the outright poisoning of those supplies, said Jones.

Some countries are even training armies of teenagers to launch cyberattacks as part of their national strategy, added Farrow.

Other emerging threat vectors include incident response teams that are not prepared for a cyberattack. Organizations should engage in tabletop exercises that enable them to respond more adroitly to, for example, a ransomware attack that encrypts all their files. Unpatched systems, especially if they are older assets, are also a major threat vector. In fact, both Farrow and Jones said they rarely see zero-day attacks; the bulk of attacks involves known vulnerabilities.

Finally, Farrow said remote access will be a major issue as organizations continue to rely on insecure virtual private networks (VPNs), mobile devices and compliance mandates that only provide a basic level of cybersecurity.

The coming year is clearly shaping up to be more challenging than the last. The good news is the tools that cybersecurity teams have at their disposal are getting better. The bad news, on the other hand, is that cybercriminals are investing in more automation themselves and the cybersecurity arms race is only accelerating.
