From Cybereason’s point of view, three major trends will determine the next year in terms of cyber security:
Ransomware crime will again reach new heights. Because the attackers are no longer just small groups of hackers who spread their malware widely. Instead, entire cartels are increasingly forming that coordinate their attacks in a targeted manner and pursue long-term strategies. We call this RansomOps. In contrast to most previous ransomware attackers, they behave more cautiously and much less conspicuously once they have penetrated a network. They are even more difficult to identify. Your primary goal is to initially collect information about the IT infrastructure and valuable data in this way. If you have this, hit it. Companies must be particularly careful here and check even the smallest suspicious behavior, for example by Indicators of Behavior (IOBs).
The next year will determine the security of supply chains as a further trend. Because of their central importance for supply and economic processes, they are more and more targeted by cyber criminals. If only individual links in the supply chain are attacked, it has a huge impact on the whole. Because an IT security system is only as strong as the least secure link in a supply chain. If a company’s defensive measures are strong enough, hackers can often make a detour via suppliers. Such approaches are apparently particularly lucrative for cyber criminals, also at telecommunications companies. They have a broad customer base and their network is linked to many companies. Once the hackers have cracked this door, they have access to many different targets in one fell swoop. Cybereason research already implemented this strategy last year in the case of DeadRinger and GhostShell disclosed. This trend will increase significantly in 2022.
The third big trend is that the line between private and stately hacker groups is becoming more and more blurred. Interstate and intra-state conflicts have long been waged on the battlefields in cyberspace. This makes companies – especially those that house the critical infrastructure of a state – increasingly the target of state attacks. States are also working more and more closely with private groups, as in the example MalKamak from last year shows. They often enter into a symbiosis in which everyone pursues their own interests. Private actors steal a large sum of money, while state actors benefit from the failure of critical infrastructure in the target area and valuable information about the nature of this.
Even in 2022, preparation is the best defense for any company and government institution. Only those who are clear about how cybercriminals will attack in the future and what overall strategies they are pursuing can initiate the right steps and the appropriate precautionary measures in good time – so that companies and organizations can also act securely in 2022 and shape the future.