New and Evolving Cyber Threats to Watch in 2022
There’s been an alarming increase in cyber attacks on corporate networks over the past two years, and that unfortunate trend is likely to continue throughout 2022. In addition to surging levels of ransomware, supply chain and distributed denial of service attacks, the federal government’s Cybersecurity and Infrastructure Security Agency (CISA) warns that the recently discovered log4j vulnerability will likely pose significant risks for years to come.
During a recent conference call with reporters, CISA DirectorJen Easterly said the log4j flaw is “the most serious vulnerability I’ve seen in my career.” Noting that it potentially impacts hundreds of millions of Internet-connected devices, she said CISA expects it to be exploited by malicious actors “well into the future.”
Log4j is a widely used open-source logging library for Java applications. In early December, security researchers discovered that cyber criminals can trick log4j into storing strings of malicious code. With the ability to post malicious code right into the logging library, attackers can bypass standard defenses such as antimalware applications. In addition to launching malware, attackers can use the flaw to open back doors into corporate networks and later sell that access on the Dark Web.
Fallout from the log4j bug will addt o the already crowded cybersecurity landscape. In addition to finding and fixing those flaws, here are five other threats that will dominate cybersecurity efforts in the coming year:
Ransomware. Ransomware attacks reached record levels in 2021, and the rise of ransomware-as-a-service (RaaS) will likely drive more frequent attacks in 2022. Automated ransomware delivery kits designed for attacking thousands of random IP addresses and targets are available on thedark web for only about $200. Subscription-based RaaS exploits only cost about $50 a month. Attacks are also evolving in other ways. Instead of simply encrypting data to extort payments, attackers are increasingly conducting double-extortion attacks in which they also exfiltrate data and threaten to release it.
Supply chain attacks. The SolarWinds and Kaseya attacks are two well-known examples of supply chain exploits. These types of attacks are on the rise because they provide malicious actors with an efficient way to infiltrate multiple targets from a single entry point. In a recent CrowdStrike survey, 77 percent of organizations reported they have suffered an attack that originated through an outside partner or vendor. To counter such threats, more organizations are investing in third-party risk management efforts, including zero-trust methodologies.
Multi-vector attacks. Malicious actors are increasingly using multi-vector attacks that combine multiple threats deployed across multiple points of entry. For example, phishing emails or text messages often contain fake hyperlinks to spoofed websites or documents with malicious scripts. The malicious payload may launch multiple attacks, such as exfiltrating data while simultaneously installing ransomware. One study finds that attacks now commonly target eight or more vectors.
Encrypted threats. Malicious actors are regularly leveraging encryption to slip past network defenses in order to distribute malware, launch ransomware attacks and exfiltrate data. Security analysts say more than 90 percent of network threats are now delivered over encrypted channels.
Cloud attacks. All cloud services require configurations related to users, roles, permissions, storage, service connections and more. However, configuration errors, insecure interfaces,unpatched applications, and poor encryption and authentication practices are opening the door for a variety of cloud exploits. In a recent IDC survey, 98 percent of companies said they experienced at least one cloud data breach within the previous 18 months.
A managed services provider (MSP)such as SSD can help you develop a comprehensive cybersecurity strategy that addresses today’s threats. Give us a call to learn more about our Assuranceprogram.