Wednesday, November 3, 2021

Top 5 Security and Risk Trends to Look Out for In 2022

By: Sentia   Categories: Security, Cyber Security, Data Security


As the famous Charles Dickens quote goes, "we are in the best of times, yet we are also in the worst of times". On one side, organizations and users alike benefit from the emergence of new technologies, including the Internet of Things (IoT), 5G, artificial intelligence (AI), and so on. On the other side, there has been a rise in successful attacks against high-profile targets, including the world’s largest meat processing company, JBS, which shut down facilities in the United States, Canada, and Australia after an attack.

Meanwhile, since the pandemic started, bad actors have been exploiting the vulnerabilities of organizations moving to remote working strategies. On the other side, security professionals have worked tirelessly to mitigate the threats, and vendors are delivering new and reliable technologies to support their efforts.

Based on the information and analysis from our professionals, here are the top five security and risk trends we think are worth watching as we go into 2022 and ways Sentia helps organizations stay prepared for the possibility of threats.

 

1. Ransomware Attacks Keep Rising

Undoubtedly, ransomware attacks have made headlines in the past few months, with between 800 and 1500 businesses worldwide falling victim. Even though Canadian companies are ‘lucky’ that the world’s largest ransomware attack to date hasn’t affected them more substantially so far, the country remains seriously vulnerable to such threats against critical infrastructure. Certainly, the ransomware attack on the major U.S. gasoline pipeline should put complacent Canadian organizations and regulators on high alert to ransomware threats.

“My sense is we are seriously vulnerable, and this [attack] is a major canary in the coal mine,” says Christian Leuprecht, a Queen’s University professor and senior fellow in security and defense at the Macdonald Laurier Institute. Currently, hackers launch ransomware attacks through phishing emails, software vulnerabilities, and Remote Desktop Protocol (RDP).

A post on Gartner states that the percentage of nation-states passing legislation to regulate ransomware payments and negotiations will rise to 30 percent by the end of 2025, compared to less than 1 percent in 2021. This trend further asserts that ransomware will remain a top security risk in 2022, and security experts should expect a more aggressive crackdown on payments.

 

2. New Security Challenges Due to Remote Working

COVID-19 has indisputably changed how we work. A Gartner survey revealed that 48 percent of employees would likely work remotely at least part of the time after the pandemic, up from 30 percent before the pandemic. Another report indicates that 74 percent of the companies consider letting at least part of their workforce remain remote permanently. As a result, organizations are increasingly looking at how to embed remote work into workforce planning, either for the short term or more radically as part of transformative hybrid-workforce models.

Sad to say, such changes introduce new challenges to enterprise security. The pandemic saw companies become more reliant on decentralized digital operating systems than ever before, something many of them were ill-equipped for, leaving them exposed to attacks. Hackers are now going after the tools used to facilitate remote work strategies, such as VPNs, RDP, and email, to target businesses.

 

3. Zero Trust to Become a Basic Security Requirement

The traditional castle-and-moat security model trusts access from inside by default but requires verification and authorization for outside access. Regrettably, this model is highly vulnerable to insider threats. Besides that, the model is only effective for a traditional network perimeter, not for today's fluid and blurred network boundaries shaped by IoT, cloud technology, mobile technology, and remote working strategies.

Fortunately, companies can deploy the zero-trust model, which means they trust nothing and verify everything related to users and devices. What’s more, zero trust means you assume that the network is hostile and give authorized entities only the least-privilege access they need to fulfill their function. Organizations can follow the NIST Special Publication 800-207 recommendations when implementing a zero-trust approach for their IT landscapes. Notably, this model can enhance identity governance, allowing the right entity to get the right resources by verifying its identity and assigned attributes. Businesses can also introduce micro-segmentation, which places individual resources or small groups of related resources on separate network segments, each protected by an independent gateway security component.

 

4. Frequent Supply Chain Attacks

In supply chain attacks, attackers infiltrate systems through third-party suppliers instead of targeting the victim directly. Because vendor-provided services or products are used by multiple organizations and users, the impact of a supply chain attack can be extremely broad. For instance, in the 2020 SolarWinds hack, hackers injected multiple pieces of malware into the SolarWinds Orion platform used by many organizations. As a result, the attack affected both government departments such as Homeland Security, State, Commerce, and Treasury, and private companies such as Microsoft, FireEye, Intel, Cisco, and Deloitte.

Based on this and other previously reported supply chain attacks, it is apparent that the threat is hard to detect since attackers do their best to blend in – for instance, the injected code is similar to the host in many ways. Furthermore, the attacks are made worse by their ability to affect a massive number of victims: the malicious code hides quietly inside update files, libraries, source code, and third-party components and activates only after users deploy the product on their devices.

 

5. Operational Technology Increasingly Becomes a Target of Cyberattacks

OT systems used in industry are vulnerable to attacks because they often run old operating systems and software that are rarely updated. Beyond that, organizations may repeatedly put off OT system updates, fearing they would cause system failures or require reboots, which can result in severe damage to operations. Needless to say, these issues were trivial in the past since OT systems were mainly stand-alone and not connected to public networks. However, with the broader application of IoT and cloud technology, the systems are no longer immune to external attack.

A post on Gartner states that threat actors will have weaponized operational technology environments successfully enough to cause human casualties in the next four years. Undeniably, as malware spreads from IT to OT, it shifts the conversation from business disruption to physical harm.

 

Upping the Ante with Sentia

As we go into 2022, organizations can effectively take prevention, detection, and response to the next level with Sentia’s state-of-the-art security solutions. As might be expected, organizations aware of the uncertain security future deploy multiple prevention and detection technologies to defend points of entry and movement, such as networks, endpoints, users and data. Unfortunately, while such tools generally do a fine job preventing and detecting the vast majority of cyberattacks, they continue to miss the edge cases, particularly the sneaky attacks that squeak through the cracks of point solutions.

Based on our prediction of the top security and risk trends going into 2022, the real challenge in security will be finding the threats that bypass first-line defenses as quickly as possible and implementing measures like zero-trust to mitigate both external and insider threats. With Sentia, organizations can consolidate and rationalize security alerts into actionable incidents and automate investigation and response actions. Classically, we provide multiple, integrated detection and prevention technologies to block standard and advanced attacks across your environment.

Contact Sentia today for a no-obligation consultation on how to keep your organization protected against the latest cybersecurity threats.


Sentia

We are a high-value, trusted, Canadian IT solutions provider dedicated to delivering secure and reliable IT solutions across a wide variety of industries. We are committed to helping our customers meet and optimize their business goals.
