Cyber Security Predictions for 2022
2022 will bring more data beaches, more ransomware and an increase in collaboration between organisations and the government.
1. Ransomware will continue to haunt small and large businesses
If the last few years are anything to go by, it is clear that ransomware is not going away. The enormous potential profits coupled with a minimal risk of accountability are too good a deal for cyber criminals.
Ransomware has become an industry in itself. Ransomware developers (authors) are now making their cut by developing and selling different ransomware products to criminals using a software as a service (SaaS) model. Some ransomware products sell or rent out access for as little as £5. More established versions can go for £100 or more. It’s a cheap, easily accessible business model for an aspiring criminal.
2021 also saw a new market established of initial access brokers who compromise company networks, then sell this access to criminals who go on to deploy the ransomware.
2022 will be no different but will see greater efforts and collaboration between authorities in their bid to catch, disrupt and prosecute the big players in the ransomware industry.
2. A large managed service provider will suffer a data breach
2020 and 2021 both saw instances of large service providers suffering data breaches as part of supply chain attacks. SolarWinds (2020) and Kaseya (2021) were both breached by criminals who subsequently used the providers as a foothold to access their respective client bases.
Criminals can compromise one company and thus gain direct, trusted access to thousands of clients. The returns are high when it comes to compromising data or deploying ransomware. We expect to see a similar type of breach in 2022.
3. The cryptocurrency sector will become the source of greatest gains for criminals
Cryptocurrency holders and providers are an increasingly attractive target for criminals. We have already seen many providers and exchanges hacked, leading to the losses of millions of pounds (1, 2, 3). With the anonymity of cryptocurrency as a built-in feature, the risks of attribution are low. By just leveraging a single weakness, criminals can extract huge sums with little effort and low risk, which is why we believe the largest financial losses as a result of cyber crime may come at the expense of the cryptocurrency sector.
4. There will be another Log4J type software bug
This prediction is a little more speculative. The Log4J weakness was unique as it combined ease of exploitation, giving administrative level access, and being exploitable over the internet without any need for physical or logical access. These types of weaknesses only come around every few years or so.
That said, threat actors are aware of the inherent nature of distributed software. When we have our morning coffees, we don’t make a new coffee mug each day, or go to South America to pick the beans, roast them, and finally grind them to make a coffee. We use manufactured mugs and packaged coffee so we can get a brew in five minutes. For the same reason, software manufacturers use pre-made software packages (known as libraries) when they want their software to do something.
Log4J was a software library which provided logging in software applications to enable developers to read the logs and ascertain why something was working or not working. The issue with Log4J and its recently identified weakness was its almost systemic use, it was built into software applications worldwide.
A threat actor only needs to find another Log4J type bug and they can leverage it for weeks (as with Log4J), months or even years before the public or developers become aware and can react by issuing a patch. We expect to see more threat actors digging deep for these types of criminal treasures.
5. The NCSC (National Cyber Security Centre) will increase collaboration with the private sector and UK citizens
Since its formation in 2016, the NCSC have responded to the growing need to protect national security and safeguard the public online. With a vision to help make the UK the safest place to live and do business online, the NCSC was set up as a bridge between industry and government, providing a unified source of advice, guidance and support on cyber security, including the management of cyber security incidents.
The NCSC has been integral in the development and management of the cyber essentials scheme, creating a service for the public to report phishing scams and creating best practice and guidance for how companies manage cyber security.
Following the latest release of the NCSC Cyber Security Strategy, we predict there will be more to come from the NCSC and their collaboration with businesses and the public. We expect the NCSC will release more tools and guidance that companies can use to protect themselves. The NCSC and industry started the year well in that regard by releasing vulnerability scanning scripts which businesses can leverage to understand their external vulnerabilities.
Kloudwerk works with you to help you keep the cyber criminals out. We offer affordable cyber security consultancy packages for business customers. Visit our Cyber Consultancy page for more information