This blog was written by an independent guest blogger.
In 2020, I published an AT&T blog called “Top Cybersecurity Trends & Predictions for 2020’” 2021 Cybersecurity Trends and Insights | AT&T Cybersecurity (att.com) In the article I had forecasted that cybersecurity would become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches would continue to rise. Also, that threat actors, especially state-sponsored, and criminal enterprises would take advantage of the expanding cyber-attack surface by using their resources to employ more sophisticated means for discovering target vulnerabilities, automating phishing, and finding new deceptive paths for infiltrating malware.
The rash of high-profile breaches such as Solar Winds, Colonial Pipeline, Kaseya, and others proved those 2021 predictions to be accurate. In fact, “the number of publicly reported data compromises in the U.S. through September of 2021 has already surpassed the total number of compromises in 2020 by 17%, according to the Identity Theft Resource Center (ITRC).” Data Breaches Are on Pace to Break a New Record High in 2021 | Money Please see my article in FORBES for more of 2021’s alarming cybersecurity statistics. MORE Alarming Cybersecurity Stats For 2021 ! (forbes.com)
As we near 2022, the cyber threat landscape remains just as ominous. Including the continued challenges of protecting critical infrastructure, the supply chain, and the ever-present task of finding qualified cybersecurity workers to fill scores of vacant roles in corporations and government that I forecasted still issues for the coming year.
I have divided my 2022 predictions into two categories. Strategic, and Tactical. Strategic perspectives provide a glimpse of what cyber-trends will be pervasive, and tactical is focuses on what technical and policy remedies will need to be prioritized by CISOs, CIOs, and their IT shops.
In 2022, ransomware attacks will continue at an alarming pace and will be more targeted. For hackers’ soft targets for ransomware extortion are plentiful, especially in the healthcare, financial, and manufacturing industries. We can expect to see more such attacks because the vulnerabilities to many networks remain open and accessible to hackers and because many victimized companies are still paying ransomware.
Ransomware is not new, and it has been around for decades. .A variant of ransomware called “WannaCry” spread swiftly in 2017 and 2018, reaching over 100 countries and infecting over 200,000 computers. Ransomware is more favored by hackers nowadays because they can get paid in cryptocurrencies that are hard to trace. Because of the prevalence of ransomware attacks, the U.S. government created a Ransomware and Digital Extortion Task Force created run by the Department of Justice (DOJ) to help track cyberattacks and digital extortion schemes and combat them. Department Of Justice Creates New Task Force To Take On Ransomware Attacks (forbes.com)
OT/IT and IoT convergence
The scale and frequency of cyber-attacks against critical infrastructure continues to grow. 2022 will be more of the same. Digital connectivity driven by the adoption of industrial internet of things and operational technology (OT) has further expanded the attack surface. IT/OT/ICS supply chains in CI can be particularly vulnerable as they cross pollinate and offer attackers many points of entry and older Legacy OT systems were not designed to protect against cyber-attacks.
In recent years, hackers and nation state adversaries have gained a deeper knowledge of industrial control systems and how they can be attacked and how weaponized malware can be deployed. Weaponized malware is a genuinely concerning and real threat to critical infrastructure. The firm Gartner Inc., projected deaths due to a cybersecurity threat weaponizing industrial facilities by 2025. The firm sees the cost of attacks that cause fatalities reaching $50 billion per year. DHS Secretary: “Killware,” Malware Designed To Do Real-World Harm, Poised To Be World’s Next Breakout Cybersecurity Threat - CPO Magazine
Also, in previewing the vulnerabilities of both hardware and software networks, Internet of Things (IoT) devices also will continue present special security challenges to CISOs as the number of connected devices to networks expands in Malthusian ways. “By 2025, it is expected that there will be more than 30 billion IoT connections, almost 4 IoT devices per person on average and that also amounts to trillions of sensors connecting and interacting on these devices. State of the IoT 2020: 12 billion IoT connections (iot-analytics.com). IoT complexity magnifies cyber risk and the lack of visibility to determine if a device has been compromised is challenging and will present more attack vectors for hackers.
Critical infrastructure and space: The new frontier
As Elon Musk, Jeff Bezos and William Shatner can attest, space is indeed the new frontier. A large part of our communication capacity as a civilization is becoming increasingly dependent on satellite relays and monitoring. With that comes cyber-risk. The national security community believes that satellites could be targeted by cyber-attacks to disrupt communications or information streams vital for commerce and security.
Many networks are now changing from terrestrial (land) based communications to the cloud, taking advantage of satellites to move data over large, international distances. There are more satellites circling in low earth than ever as launch costs have significantly lowered, which has created more targets and thus a wider attack surface for hackers to potentially attack both in space and at land-based control centers.
I agree with Samuel Visner, technical fellow at MITRE who says that “space systems should be a designated critical infrastructure. That would include launch systems, manufacturing plants, on orbit satellites and ground-based communication systems.” Industry panel: U.S. space systems need protection against cyber attacks - SpaceNews There are many capable nation state threat actors who have the capacity to do damage to space infrastructure and it could happen very soon. For a deeper dive on the cyber space threat see: Protecting Space-Based Assets from Cyber Threats - HS Today
- Industry and organizations will continue to move to Cloud, Hybrid Cloud and Edge Platforms to better optimize and securing data. This is a process that has been happening over the past several years. It will still be a major focus of budget spend for 2022.
- Updating of legacy systems and assimilation of emerging technologies such as 5G and artificial intelligence into security platforms will be prioritized. There are many shiny new toys and tools for cybersecurity operators. The challenge will be knowing how to best orchestrate those tools and understanding what is available to best mitigate industry-specific threats.
- OT and IT convergence and vulnerabilities will need to be addressed. Security by Design: OT and IT networks for industrial systems will need to be designed, updated, and hardened to meet growing cybersecurity threats. Security by design will require building agile systems with operational cyber-fusion between OT and IT to be able to monitor, recognize, and respond to emerging threats.
- More attention will be applied to Zero Trust risk management strategies. There will be more of a focus on vulnerability assessments and securing code from production throughout the life cycle. Zero trust will become more of a prevailing theme for government agency cybersecurity too.
- Protecting supply chains is still an area of key focus for CISOs. Sophisticated ransomware groups like REvil and Darkside were particularly active in 2021 against such targets. According to Microsoft, the SolarWinds hackers are already attacking more IT supply chain targets. SolarWinds hackers attacking more IT supply chain targets (techtarget.com) The security challenge comes down to understanding what is connected in the supply chain landscape, knowing how to best protect the most important assets, and effectively implementing strategies for mitigating and remediating a security incidents and breaches.
- More automation and visibility tools will be deployed for expanding protection of remote employee offices, and for alleviating workforce shortages. The automation tools are being bolstered in capabilities by artificial intelligence and machine learning algorithms.
- Cybersecurity will see increased operational budgets because of more sophisticated threats and consequences of breaches (and especially ransomware) to the bottom line. Cybersecurity becomes more of a C-Suite issue with every passing year as breaches can be disruptive and devastating for business.
There are dozens of other predictions I could add to the forecast, and I only highlighted several of the most pertinent ones. There are news items on cyber-threats and incidents published every week. As a society on the verge of unparalleled exponential connectivity, we are entering unchartered digital territory in 2022. New risks and unforeseen issues will no doubt confront us. Certainly, security teams will have many responsibilities and tasks at hand to address in the coming year.