technologyreseller.co.uk 39 PREDICTIONS continued... Marc Laliberte Watchguard Technologies Mike Sentonas, Crowdstrike Ashvin Kamaraju, Thales Rick Jones, DigitalXRAID Ilia Sotnikov, Netwrix are distracted. With our critical national infrastructure increasingly connected, 2022 will see threat actors weaponise operational technology environments more successfully than ever, targeting systems that, once offline, will have a significant impact on our day to day lives. Given that the UK energy industry is already facing a turbulent time, we are most likely to see a major energy supplier taken offline, with threat actors holding the service to ransom. Deepfake technology is now so sophisticated that we are starting to see cybercriminals move away from tried and tested methods like phishing to carry out far more advanced attacks on enterprises. In 2022, we will see deep fake AI utilised to impersonate the CEO of a high-profile global enterprise. Such attacks have already started to gain in popularity, with threat actors using AI to clone the voices of business leaders in order to steal huge amount of money. If these attacks become more widespread, the consequences could be devastating. Rick Jones, CEO and Co-founder, DigitalXRAID Ransomware-as-a-service increases risk Ransomware-as-a-service (RaaS) poses the biggest risk to businesses in the coming year. RaaS will not change the defences needed to mitigate ransomware attacks (regular backups, data encryption, MFA and continuous monitoring will still prove useful), but it will increase the risk to organisations due to a higher volume of attacks. This is because RaaS gives people without the skills to create and deploy ransomware the option to carry out an attack by buying ready-made ransomware tools. The rise of RaaS in 2022 is likely to lead to a ‘see what sticks’ approach, rather than targeted, tailored attacks. Such attacks may also have lower ransoms, making payment seem more attractive, perpetuating yet more attacks. The next 12 months will also strengthen the trend of large companies recognising and understanding the importance of having a strong security strategy. This means hackers will start searching for new ways in – we’re already seeing evidence that they are leveraging a back-door entrance through smaller partner companies with less budget to secure their networks. To mitigate the danger from supply chain attacks, it is essential that organisations understand, evaluate and quantify the risk of working with third parties and ensure that well-defined security policies and frameworks such as ISO 27001 are put in place. Liability around breaches must be contractually agreed, and businesses should look to implement regular penetration testing to protect their networks and demonstrate their due diligence. Adopting a Zero Trust architecture will be a popular solution for reducing risk in 2022. While a level of trust is essential for organisations and their suppliers, resellers and service providers, cyberattacks are now becoming so financially devastating that more stringent measures must be put in place. Ilia Sotnikov, cybersecurity expert and VP of User Experience & Security Strategist, Netwrix Cyber insurance costs to keep growing Legislation will increase as security incidents at private companies affect national security. The impact of ransomware and other cyberattacks is no longer limited to the victim company; attacks are now affecting entire regions, with attacks on companies that supply food or fuel leading to empty shelves in supermarkets and long queues at petrol stations. We can expect security requirements for private organisations in critical sectors to become tougher, in particular notification rules, as governments need more visibility into the specifics of cyberattacks in order to improve legislation. In some cases governments may offer tax breaks that reward organisations for investing in cyber defenses. Cyber insurance costs will increase and policies will mandate higher security standards. With insurance payouts becoming both more frequent and more costly, the cost of cyber insurance has already skyrocketed: prices were up 96% in the US and 73% in the UK in the third quarter of 2021 compared to the same quarter in 2020. We expect continued increases in 2022. In addition, insurance policies will require the implementation of critical controls that reduce the risk of cybersecurity incidents. With attacks becoming increasingly common, insurance companies will pay in exceptional cases only. More attacks will target MSPs as a path to infiltrate large enterprises or government agencies. Attackers have seized upon a very effective strategy for getting access to large organisations — through the relatively weaker IT infrastructures of SMBs that provide them with services. Accordingly, managed service providers (MSPs) will need to increase the breadth and depth of their security measures, since many SMBs rely upon them for their security. Cyber security Marc Laliberte, Technical Security Operations Manager, WatchGuard Technologies Space-hacking to hit the headlines in 2022 “There are already more than 4,000 operating satellites in space, which, combined with the growing number of commercial space flights and governmentfunded missions to explore other planets, have turned space into a giant attack surface for cyber criminals and statesponsored hackers. Cyberattacks aimed at space systems could disrupt internet access and other critical national infrastructure, interfere with Global Positioning Satellite (GPS) systems, and even disable or turn satellites into weapons. With the increasing value of orbital systems to nation states, economies and society, we suspect governments have quietly started their cyber defence campaigns in space already.” Mike Sentonas, CTO, CrowdStrike The rise of the extortion economy In 2021, we saw the rise of the double extortion ransomware model, in which threat actors demand one ransom for the return of data and an additional ransom to prevent that data from being leaked or sold. This year, we expect the extortion/ exfiltration side of ransomware to achieve even higher levels of sophistication, possibly with a shift away from encryption to a sole focus on extortion. An entire underground economy is being built around the business of data exfiltration and extortion. Data-shaming websites are popping up like street-corner storefronts, providing a hub for ransomware groups to post and auction stolen data that’s being held ransom. These ransomware groups are revamping their entire tactics, techniques and procedures (TTPs) to exfiltrate and sell stolen data more effectively. Even if the threat actors can’t get their ransomware to execute past the encryption stage, they’ll pivot and find other ways to gain access to the data to sell for a profit. Ashvin Kamaraju, CTO, Thales Deep fake AI and ransomware up the ante Rising fuel bills are a growing concern for businesses and consumers – and energy suppliers are focusing all their efforts on remaining financially viable. Unfortunately, hackers pounce when people
RkJQdWJsaXNoZXIy NDUxNDM=