To tackle COVID-19 challenges, companies adopted technology-led advancements and solutions to maintain productivity and workflow without interruptions. Companies are also embracing the hybrid workplace model, and threat actors are poised to move in on the events arising from a business aspect still in flux. Current pain points are bound to occur as the push for digital changes redefines companies’ attack surfaces. However, companies will be prepared to curb these threats by hardening their defenses with a multitude of tools and best practices.
Research, foresight, and automation are critical for organizations to manage risk and secure their workforce. Trend Micro blocked 40.9 billion email threats, malicious files, and malicious URLs for customers in the first half of 2021 alone, a 47% year-over-year increase.
Below are Trend Micro's security predictions for 2022.
Cloud Threats
With its endless capacity to store and process vast amounts of data, the cloud has enabled companies to quickly transition to remote work after the COVID-19 pandemic broke out. As a result, cloud migration will remain a key aspect of the new business operations norm in the coming year.
Cloud attackers will pivot and stay put; they will shift left to follow technology trends and continue using tried-and-true attacks to wreak havoc on cloud adopters. Threat actors will make sure to cover all the bases. They will continue to wage tried-and-true types of attacks and at the same time carry out ones that use new trends in technology to keep themselves secure. As a result, not only will enterprises use SaaS-based applications and solutions, but adoption is set to increase.
Cloud computing is the essential element of digital transformation. Enterprises need to keep their cloud infrastructure secure by following the basics of cloud security, including understanding and applying the shared responsibility model, using a well-architected framework, encrypting, patching, and bringing in the right level of expertise.
Enterprises will also need to enforce tighter security protocols around build systems and the code developers check in, especially if the submitted code has a hand in critical production processes.
Ransomware Threats
Ransomware attacks usually involved endpoints as primary entry points, with victims falling prey to attacks by opening malicious emails or visiting malicious websites that surreptitiously deployed ransomware payloads. But when COVID-19 hit the world, we saw a noticeable turn in how ransomware operators carried out their attacks.
Threat actors who want to obtain access to target companies are now focusing on exposed services and service-side compromises. The hybrid workplace, a model wherein employees operate both remotely and from the office, is becoming the new norm for companies. The hybrid work model has many benefits, like enhanced productivity, but it also has undeniable cybersecurity cons. Because of the increased attack surface from less secure remote working environments and servers, it is hard to pinpoint how threat actors are coming in and making attacks and how cybersecurity teams can stop ransomware attacks at time zero.
Vulnerability Exploits
The coming year promises to rival the all-time high of zero-day exploits that has marked the threat landscape of 2021. We foresee that even more in-the-wild zero-day exploits will be found in 2022, which will not necessarily indicate a drop in code quality but will be fueled by various factors.
Enterprises will need to ensure that their IT security teams are well prepared to adapt to and address this imminent surge in exploits. This will involve giving teams the support and resources they need to take inventory of devices in an IT environment through asset management, monitor security updates from vendors to respond as soon as vulnerabilities are publicly disclosed, and practice virtual patching or machine isolation to protect any potential threat entry points.
Commodity Malware Attacks
SMBs rarely have dedicated security teams, and when they do, these teams are likely constrained by insufficient budget. Globally, cybersecurity expenditure is on track to exceed by the end of 2021, but SMBs spend only over $40 billion annually on IT security solutions, remaining an underserved market in which only the more mature SMBs retain in-house security talent.
Because of their budget constraints, we predict that many SMBs will make securing endpoints their top priority, followed by protecting their networks. Some SMBs might be even more prepared than others, however. Those that are more online-based, relying heavily on cloud-based services and platforms, will be more aware of the risks posed by commodity malware on their mission-critical operations, owing to the nature of their business. These companies are more likely to make security a part of their board agenda, writing in cybersecurity solutions as part of their cost of sales.
IoT Threats
Smart devices have long been tempting marks in the eyes of threat actors, who bank on the fact that the limited computational capacity of most IoT devices leaves little room for built-in security. As a result, IoT devices have been used in many attacks, like distributed denial-of-service (DDoS) attacks. If they are to future-proof their products, car manufacturers in 2022 will need to work closely with security vendors to decide how to implement security collectively.
Supply Chain Threats
The COVID-19 pandemic has shone a harsh spotlight on the fragility of supply chains. Massive economic shortages and delays have arisen because of several factors, including increased demand, shipping container and worker shortages, and years-long dependence on leaner production systems, resulting from the just-in-time manufacturing model.
When supply chain woes started becoming a worldwide burden, the value of supply chains also became even more evident, both to struggling businesses and to crooked cybercriminals who were not deterred but rather fueled by a global pandemic.
In particular, supply chain attacks have become increasingly interconnected with ransomware campaigns this year, as exemplified by the high-profile REvil/Sodinokibi attacks on large organizations, including Quanta Computer, JBS Foods, and Kaseya.
Kevin Simzer, COO at Trend Micro, said, “We have more cybersecurity researchers embedded across the globe than any competitor, and those insights and discoveries are used widely within the industry and power our own product offerings. These teams power much of the threat intelligence for which we are renowned.”