Supply chain attacks and nation-state cyber warfare will continue to scare CISOs in 2022, says Check Point Software on his annual forecast blog.
Supply chain attacks will become more common, the security firm said, which will lead governments to begin enacting regulations to combat these attacks and protect networks. They will also consider working with the private sector, as well as with other countries, to identify and address more threat groups operating at the global and regional levels.
Check Point also expects to learn more about the global impact the sunburst attack on the SolarWinds Orion network monitoring suite. “As the investigation continues, security researchers will uncover some of the biggest questions related to the attack: What did the attackers on these networks do and how did they benefit from the massive attack?”
“Supply chain attackers take advantage of the lack of surveillance in a company’s environment,” warns the blog. “The well-known SolarWinds supply chain attack stands out in 2021 for its scope and impact, but other sophisticated supply chain attacks have emerged, such as Codecov in April and most recently Kaseya. Kaseya provides software for managed service providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware. The group requested a $ 70 million ransom to provide decryption keys to all affected customers.
Among other predictions:
–The Cyber Cold War is intensifying: The cold cyber war is intensifying and taking place online as more and more nation-state actors push Western governments and continue to destabilize society. Improved infrastructure and technological capabilities will allow terrorist groups and political activists to advance their agendas and carry out more sophisticated, widespread attacks. Cyber attacks are increasingly used as proxy conflicts to destabilize activities around the world;
–Attackers use vulnerabilities in microservices to launch large-scale attacks: The move to the cloud and DevOps will lead to a new form of botnets. As microservices become the leading method for application development and the microservice architecture is adopted by cloud service providers (CSPs), attackers use vulnerabilities in microservices to launch their attacks. We can also expect large-scale attacks on CSPs;
–The use of penetration tools will continue to increase: Worldwide in 2021, one of 61 organizations was influenced by Ransomware every week. Ransomware will continue to grow despite efforts by law enforcement agencies around the world to limit this growth. Threat actors will target businesses who can afford to pay the ransom, and ransomware attacks will get more sophisticated in 2022. Hackers will increasingly use penetration tools to customize attacks in real time and to live and work on victim networks. Penetration tools are the engine behind the most sophisticated ransomware attacks that took place in 2021. As this attack method becomes increasingly popular, attackers will use it to carry out data extraction and blackmail attacks.
“In 2021, cybercriminals adjusted their attack strategy to take advantage of vaccination mandates, elections, and the transition to hybrid working practices to target organizations’ supply chains and networks for maximum disruption,” said Maya Horowitz, vice president of research at Check Point Software . “The complexity and scale of cyberattacks will continue to break records, and we can expect a huge increase in the number of ransomware and mobile attacks. Looking to the future, organizations should remain aware of the risks and ensure they have the appropriate solutions to prevent most attacks, including the most advanced, without disrupting the normal flow of business. To stay one step ahead of threats, organizations need to be proactive and not leave any part of their attack surface unprotected or unattended or they run the risk of becoming the next victim of sophisticated, targeted attacks. “
#Supply #chain #nationstate #attacks #highlight #provider #World #Canada #News