The year 2021 has come to an end, it is time to take stock and intuit what will happen in 2022. Last year we have seen attacks such as those of SolarWinds and many others such as the popular Log4shell. In an increasingly digital world, cybercrime is becoming increasingly sophisticated and diversifying its objectives. Ransomware and Phishing attacks have also played a major role. However, security is being taken more and more seriously and zero trust policies are in place. In this article, we are going to talk about ransomware attacks, zero trust, and 2022 predictions.
The year 2021 has seen a significant increase in ransomware attacks in sectors such as government, business and banking. Also one of the favorite ways cybercriminals prefer to pay ransomware ransom is Bitcoin and other cryptocurrencies. In that regard only in the first months of 2021, until May 10, ransomware groups raised 81 million dollars in cryptocurrencies. They do this because they make it difficult to trace the money and thus it is more difficult for the competent authorities to stop them.
Among the 2022 predictions, it is most likely that the SMEs become an economically very profitable target for ransomware groups. The reason is that they do not have to make a lot of effort because they do not have adequate security measures. In addition, we will also see how something most common ransomware training. In this regard, the level of preparedness for crisis management or prevention can make a difference. For that reason, training employees to respond to emergencies makes a lot of sense. Good training on ransomware and phishing attacks can prevent or mitigate such attacks.
Attacks on supply chains
We have recently seen supply chain attacks like Solar Winds or Colonial Pipeline. Attackers can choose several avenues to introduce malicious code or components into a trusted piece of software or hardware. This can affect high-profile targets such as the military and public government sectors. Furthermore, for example, if it affects the electricity sector or a large company, collaterally it will end up affecting third companies. Among the predictions for 2022, this type of attack is also expected to continue to increase.
During this new year 2022, possibly these types of attacks increase since they are quite profitable for cybercriminals.
Zero-trust and application security
The zero trust strategy is aimed at controlling both the traffic that goes out and the one that goes into the network. What sets it apart from other ways of working is that even traffic that is generated internally, within the network itself, must be considered a danger. Its use has increased due to the combined increase of advanced attacks, cloud adoption, and remote work. This has made companies realize that they needed to renew their approach to digital security, starting with implementing zero trust policies. Among the 2022 predictions we should see steady progress in this matter, especially when it comes to human and machine authentication.
Another of the main priorities for companies will be the application security. Risk management essentially becomes making sure these applications are secure. For that reason, you have to be very careful with their privileged access as they will continue to be a coveted target for cybercriminals in their quest to exploit human errors. In this aspect, we must focus on giving each user only the permissions that correspond to them and avoiding incorrect configurations.
In 2022, any approach to cybersecurity will focus on the visibility and observability of data in real time. Obtaining a complete IT asset inventory of all the hardware and software a company uses or a list of all its third-party vendors is going to be a major challenge. However, as we move toward better detection and remediation capabilities, threats will need to be monitored and detected more quickly.
The good news is that governments are heading in the right direction, and most entities will benefit from accelerated programs to implement, enforce or review cybersecurity best practices in 2022. Finally, companies are also eager to adopt security solutions. tailored cybersecurity, apply zero trust policies and implement network segmentation to obtain greater security.