Government remains a target
Terry Greer-King, VP EMEA at SonicWall believes the government is likely to remain as a top target for ransomware attacks in 2022.
“By an overwhelming margin, the most commonly targeted sector in 2021 was the government, with attack numbers tripling from 2020’s high point. Each month in 2021, there were more ransomware hits on the government and public sector than any other industry. By June, government bodies were getting hit with roughly 10x more ransomware attempts than average, with constant APT activity causing chaos in incidents like the Colonial Pipeline attacks. With much discussion of new cybersecurity legislation around the world recently, governments will continue to be a top target for hackers to aggressively pursue.”
A move toward multi-vendor solutions
Beyond data breaches, Scott Riley, founder and director of cloud migration firm Cloud Nexus, expects to see those in the public sector begin to break free from large and costly single source IT relationships and move toward multi-vendor solutions.
This, he says is “a move based purely on the enormous cost-savings associated with working with tactical IT service providers.
“With remote working looking like it will continue for the foreseeable, I suspect many organisations will focus on adapting working processes which will lead to the ability to buy commercial, ‘off the shelf’ software. This will replace the notion of getting custom software written (or heavily customised) to match existing internal processes, thus leading to a reduction in costs.”
UK National Cyber Strategy 2022
Recently, the new UK National Cyber Strategy 2022 was released by the National Cyber Security Centre (NCSC). Zeshan Sattar, director learning & skills certification at IT trade association CompTIA, describes it as “the ambitious five pillars that will ultimately keep UK as a world leading cyber power are built upon a highly skilled and diverse cyber talent pipeline.
“This has a key impact to the public sector as they roll out technology across different areas, the question to be asked is whether it is secured and who is protecting the data stores that contain citizen data. It is my hope that the cybersecurity professionals monitoring such systems are trained and certified to make sure that we can all sleep soundly at night.
Windows passwordless authentication to fail and cyber insurance to surge?
The WatchGuard Threat Lab predicts that while Microsoft Windows password-less authentication will take off in 2022, cyber criminals will be quick to find ways to bypass it.
Instead, it says that the growing cost of cyber insurance will drive the uptake of strong multi-factor authentication (MFA) for remote access, as insurers demand better cyber defences to reduce soaring premiums.
You might also like
“While we commend the fact that Windows has gone password-less for digital validation, we also believe the continued focus on single-factor authentication for Windows logins simply repeats the mistakes from history,” said Corey Nachreiner, CSO at WatchGuard Technologies. “Microsoft could have truly solved the digital identify validation problem by making MFA mandatory and easy to use in Windows. Organisations should force users to pair two methods of authentication, such as biometrics or tokens with a push approval to your mobile phone sent over an encrypted channel.
‘Quiet’ cyberattacks in 2022
Quiet threats will be a feature of cyberattacks in 2022, according to Nigel Thorpe, technical director at SecureAge.
“Rather than go for the one-hit, big attack, cybercriminals are increasingly looking to infiltrate an organisation without being noticed for long periods of time,” said Thorpe. “This way, data can be exfiltrated from servers and endpoints at a slow and steady pace so as not to attract attention.
Thorpe also believes that the most popular point of entry for these quiet attacks will be through targeting email and other messaging systems. Cybercriminals are becoming increasingly sophisticated when it comes to weaving together pieces of personal information from the dark web or social media to create apparently legitimate and believable messages that have dangerous attachments or download links.
“This just goes to show that all data is sensitive and should be protected all of the time,” he said. “The traditional way is to try to stop cyber criminals getting to the data with increasing layers of defence and access controls. It’s time to change these habits and start to protect the data itself – whether at rest, in transit or in use. We need to start beating the ransomware criminals at their own games. After all, they can’t demand a ransom for data that is already encrypted before they get to it.”
Zero Trust becomes the baseline
“Zero Trust has been a trend that has topped cybersecurity priorities for the past few years, according to Joseph Carson, chief security scientist at ThycoticCentrify.
“It’s becoming an increasingly important framework to not only reduce the known security risks of the past, but also to reduce the security risks of the future,” he said. “As companies start looking into what Zero Trust really is, it becomes apparent that it is not a single solution you purchase and install, or a task you check as complete. Zero Trust is a journey and a mindset on how you wish to operate your business in a secure way. You don’t become Zero Trust – you practice a Zero Trust mindset.
“Companies are looking for ways to reduce the risks from cyberattacks and accept that security must become a living system within the business rather than the old legacy static approach. In 2022, Zero Trust can help organizations establish a baseline for security controls that need to be repeated and force cybercriminals into taking more risks. That results in cybercriminals making more noise that ultimately gives cyber defenders a chance to detect attackers early and prevent catastrophic cyber-attacks.”