After battling a diverse range of cyberthreats throughout 2021, IT security teams are bracing themselves for another year of challenges.
Their task will be made more complex by the fact that many staff are continuing to work from home. No longer protected by corporate firewalls and other on-premise measures, these staff are more vulnerable to attacks.
During the past year, cybercriminals have also used the pandemic as an opportunity to increase the effectiveness of phishing campaigns. Emails offering advice on vaccines or seemingly issued by authorities were much more likely to be opened, exposing users to malicious code.
Nation-state attacks have also been on the rise. Often designed to cause widespread disruption to public infrastructure, these attacks are aimed to destabilise countries and cause civil unrest.
Fresh challenges
As 2022 unfolds, security experts predict there will be a number of events and issues that will cause further challenges. Teams will need to respond quickly to minimise disruption and ensure normal operations can continue. Key predictions for 2022 include:
- A semiconductor chip supply-chain will be compromised:
As the world comes to terms with an ongoing shortage of computer chips, further disruption will be caused by an attack on a critical supply chain. Such an attack will be motivated by the significant financial losses that such a disruption would cause. As well as the chip manufacturer itself, this disruption would also be felt by companies using the chips to build products as well as their customers.One of the most likely threats is a ransomware attack. Cybercriminals understand that any disruption to the chip manufacturing process is very costly and so potential victims could well opt to pay the ransom rather than deal with a protracted period of downtime.
- Ransomware will halt the supply chain of a major vaccine manufacturer:
As well as chip makers, cybercriminals are also likely to have vaccine manufacturers in their sights. With a heavy reliance on COVID vaccines as a means of avoiding ongoing lockdowns and business disruption, any such attack would have significant consequences.Aside from financial impact on the manufacturer, an attack could also lead to reputational damage and result in an increase in public mistrust of the vaccines. This could slow global recovery from the pandemic which would have a knock-on economic fallout.
- API vulnerabilities will be used to simultaneously breach multiple company networks:
There are a number of REST open-source frameworks in widespread use around the world. If an attacker is able to discover a vulnerability in one, this can be used to attack large numbers of organisations simultaneously. The threat is very real because API security products are relatively new and not widely used.Such attacks would have a huge ripple effect and cause large financial and reputational risks that could result in the loss of business partnerships and customer confidence.
- Hackers will blackmail athletes during the Winter Olympics:
This prediction has already come true. Reports have surfaced that the “My 2022” app used by athletes, journalists and staff for the Beijing Winter Olympics contains vulnerabilities that may allow third parties to access personal information.
Hackers can easily exploit these vulnerabilities and launch attacks at any event when large numbers of participants gather and where personal details are collected and stored centrally.
- There will be a successful, large-scale attack delivered through open-source software:
There have already been a range of vulnerabilities within open-source code that have been used to mount attacks. In 2022, this will shift to a new level when a large-scale attack takes place.Steps will need to be taken during the year to better protect open-source software without diminishing its intent to be publicly available.
It’s clear that 2022 will bring IT security challenges in a range of different forms. The chance of widespread disruption and loss is significant, so careful preparation is vital. Organisations need to review existing security measures, identify weaknesses, and take urgent remediation steps.
