Critical national infrastructure, remote workers, and supply chain are top cyber attack targets for 2022

Published: Wednesday, 08 December 2021 08:54

Bridewell Consulting, has outlined its top cyber security predictions for 2022. The company warns of the automation of security threats, increased risks for remote workers, and more nation-state attacks on critical national infrastructure.

Bridewell Consulting’s predictions are:

2022 will be the year of remote risk – with remote and hybrid working here to stay, Bridewell Consulting expects to see a large increase in mobile malware attacks. Cyber criminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices and remote working. Social engineering will remain the initial attack vector for deployments of malware, phishing, and ransomware, with an increase in Deepfake technology making attacks more technologically convincing in 2022. Phishing volumes have already surpassed levels seen in 2020, and in 2022 we’ll see a rise of update-themed phishing emails designed to trick remote employees into believing they are legitimate updates, as well as those used to tailgate employees into restricted areas under the guise of being a new employee hired during lockdown.

Ransomware will become automated – human operated ransomware will be the biggest cyber risk for organizations in 2022. Different from traditional commodity ransomware attacks, we’ll see more cyber criminals with a high level of offensive security knowledge gain access to organizations and survey the environment for an extended period before launching a potentially devastating attack on data and systems. The risk presented by human operated ransomware will only increase as wormable variants such as WannaCrypt and NotPetva are utilised more. Additionally, automation will play a key part in the evolution of modern ransomware and malware attacks, with machine learning and artificial intelligence (AI) used to remove some of the mistakes that allow businesses to respond to current threats.

Volume of hackers-for-hire will increase – over the past few years, groups such as REvil and DarkSide have appeared and disappeared after carrying very public attacks against numerous industries. In 2021, we saw a number of hacker groups arrive, have a big impact, and then vanish as quickly as they came, only to repeat the same process again a few months later. In 2022 we can expect more of the same, in particular large attacks on lucrative targets such as supply chains and cloud providers to maximise ransom value and payments. Managed services and third-party suppliers will also be under greater risk. Phishing-as-a-Service will become commonplace on dark web forums, increasing attack volumes.

Zero trust will become the de facto cyber security approach – with the rise of hybrid working, zero trust will become critical in 2022. Lack of secure cloud configuration will continue to cause security breaches and organizations will seek to separate users and devices from data, applications, infrastructure, and networks, through the identify, authenticate, authorise and audit model (IAAA). More CIOs and CISOs will roll out system-wide multi-factor authentication (MFA) with stricter rules around conditional access built in and supported by session information and telemetry to develop a comprehensive audit trail for real-time detection of a policy breach. Extended detection and response (XDR) will also become the technology of choice for zero trust, enabling rapid detection and response of threats across endpoint, network, web and email, cloud and importantly identity.

Organizations will turn to hybrid SOC models to plug skills gaps and aid consolidation – as the cyber skills shortage grows and enterprises lack security professionals with the depth of knowledge and technical skills to develop more advanced capabilities required for running a cloud-native modern security operations centres (SOC), we will see more organizations turn to hybrid SOC models which combine the cyber skills of in-house teams with the expertise of a managed security service provider (MSSP). Companies will use providers to plug gaps in defences / defenses while developing in-house expertise in tools and techniques including EDR, XDR, and intelligence-based threat-hunting. Hybrid SOCs will also be used to facilitate consolidation of security tools, driven by a growing desire from the board to reduce security costs, maximise ROI and improve efficiency.

Rise in 5G and connected devices will increase IoT risks – 5G will continue to be rolled out globally in 2022 and increase the number of connected devices within organizations, particularly within industrial IoT. Manufacturing and critical national infrastructure (CNI) will remain the sectors most susceptible to security issues, with more factories and facilities becoming connected and more organizations reliant on IoT devices for measuring and monitoring processes remotely. Bridewell Consulting predicts that we will see the introduction of more government guidance and standards to bolster IoT security as uptake increases.

Organizations will shift focus from prevention to detection and response – as the speed and complexity of attacks continue to grow, demand for managed security services, such as managed detection and response (MDR) will rocket. No longer the luxury of large enterprises, in 2022 companies will seek to shift from prevention to response and look to implement early warning systems to alert on early signs of a potential breach. Security orchestration automated response (SOAR) solutions, such as Microsoft Sentinel, will be critical alongside MDR to help to improve the efficiency. Traditional tools such as anti-malware software and spam blockers will still be important, but these will increasingly be combined with proactive tactics, such as MDR, threat hunting, and ethical hacking to ensure any vulnerabilities are identified and mitigated immediately.

Critical national infrastructure will face more threats – CNI will face increased activity from nation state groups, which are likely to prioritise green energy targets given the global focus on the development of sustainable infrastructure. The oil and gas sector will also be the subject of more directed attacks from hackers-for-hire as they attempt to target high value income industries.

Cyber security transformation will drive digital transformation – digital transformation became a necessity for businesses in 2021, driven largely by COVID-19. Probably the biggest mistake we saw in 2021 was a reactive approach to security transformation, whereby security was only considered afterwards. In 2022, Bridewell Consulting expects to see this model flipped with a rise in mature companies who seek to use cyber security transformation as the driver for digital transformation.  Cyber security will shift from a box-ticking exercise to a business enabler, with CISOs and CIOs working directly with the CEO to develop an adaptive and customisable security model to ensure cyber security is as strong as possible before broadening the attack surface further.

Cyber security vendors will start to consolidate – Microsoft and Google will evolve to become leaders in cyber security. Microsoft has already announced a huge commitment to growing its cyber security offering and given the company’s dominance in the collaboration market and Google has already taken huge steps to bolster its security expertise. As both companies continue to build their expertise, we  can expect to see traditional cyber security players start to lose market share as they struggle to keep up with the visibility, coverage and collaboration benefits the global giants can offer.

www.bridewellconsulting.com