- Security TWENTY
- Women in Security Awards
In 2021, the threat landscape evolved dramatically, opening up the door to increasingly sophisticated attacks, says Fabien Rech, EMEA Vice President, at the cyber firm McAfee Enterprise.
Cybercriminals are dynamic and continually switch up their tactics, therefore it’s crucial that organisations look to get ahead of adversaries in 2022 by making a shift from reactive to proactive cybersecurity behaviour.
To understand some of the emerging threats of 2022, we’ve pulled together an overview of what businesses should be looking out for and how they can bolster their security measures to protect enterprise systems next year.
Weaponising social in 2022
Year on year we see the average daily use of social media rise. However, as we move into 2022, both individuals and enterprises must pay close attention to who they are connecting with across social platforms.
As usage continues to spike, we’re seeing an increase in cybercriminals weaponising social media by reaching out to individual executives with seemingly legitimate job offers, before convincing them to download a job spec that is in fact malware.
With lines between the home and the office becoming increasingly blurred – for example, over the festive season, 73% of organisations expect at least half of the workforce to be working remotely –we’re seeing employees connecting to their social media accounts via work devices. This opens up further opportunity for hackers to exploit social channels, as while criminals could be targeting an individual executive, the end goal could be accessing broader sensitive business information.
It is therefore crucial that organisations deploy the necessary security protections across their enterprise, including all employee devices. Educating the workforce on best practices is also paramount, such as reporting any suspicious activity, questioning whether a link is dodgy, or thinking before accepting an unknown social media request. Employees must be aware of, and vigilant against, threats to avoid making it too easy for criminals to cash in on both personal and company data. What may on the surface seem like an innocent ‘follow’ or ‘connect’ request, could have a detrimental impact on the wider business.
Blurring between cybercrime and nation-state
Globally, cyber-attacks are surging, with a staggering 81% of organisations experiencing increased threats during COVID-19. With this growth in large scale attacks, we’re also expecting to see a rise in the blending of cybercrime and nation-state operations in 2022.
More recently, nation-states have been dedicating more time and resource towards achieving strategic cyber advantages. By teaming up with cybercriminals and creating front companies to hide their involvement, their aim is to gain access to private information, military tactics, trade secrets and more.
As we continue to see nation-state groups hire hackers to write code and conduct these malicious operations, companies should audit their visibility and learn from the tactics and operations being carried out by actors targeting their sector.
Having the right threat intelligence solutions in place is a critical starting point, as it will help enterprises predict and prioritise threats before pre-emptively adapting their defensive countermeasures.
This always-on, cloud-based approach also helps organisations react at speed. With a threat actor’s goal to gain access to data they can sell, leverage for ransom, or use to gain critical insight, time is of the essence. Response time will also have a direct impact on whether or not a business faces severe disruption – 43 per cent of organisations recently admitted suffering downtime due to a cyber concern, costing some over $100,000.
Our reliance on API-based services is rising, as they quickly become the foundations of most modern applications. This is only set to rise further in 2022, as global use of the internet, 5G, and connected devices continues to boom – this year alone, we saw a 57pc increase in online activity.
Often business-critical data and capabilities lie behind these APIs, and cybercriminals have been quick to take note of this and exploit the increase in API usage. However, attacks targeting APIs go undetected in many cases, as they are generally considered trusted paths and lack the same level of governance and security controls.
It’s therefore critical that enterprises make API security a priority next year. Organisations must ensure they have visibility of all application usage across their systems, with the ability to look at consumed APIs. Adopting a Zero Trust mindset will support this. It allows enterprises to maintain control over access to the network and all its instances, including applications and APIs, and restrict them if necessary.
Shoring up on API security is particularly crucial amidst the current supply chain crisis, as APIs are often used as an entry vector for wider supply chain attacks due to their interconnected nature. Next year, supply chains will continue to be a prime target for hackers, and so enterprises should look one step ahead and use threat intelligence solutions to predict and prevent API attacks before they take place.