TRENDING the top targets , often neglecting the affiliates since they were perceived as less skilled . This , combined with the lack of disruptions in the RaaS ecosystem , will create an atmosphere where those lesser-skilled affiliates can thrive and grow into very competent cybercriminals , eventually with a mind of their own .
Raj Samani , Fellow and Chief Scientist of McAfee
Enterprise and FireEye they can be proactive and actionable in protecting their information .”
McAfee Enterprise and FireEye 2022 Predictions :
Use of social media for targeted attacks . While this approach is not new , it is relatively uncommon . After all , it does demand a level of research to ‘ hook ’ the target into interactions and establishing fake profiles are more work than simply finding an open relay somewhere on the Internet . That being said , the targeting of individuals has proven a very successful channel , and we predict the use of this vector could grow not only through espionage groups , but other threat actors looking to infiltrate organizations for their own criminal gain .
Game of ransomware thrones . In 2022 , these self-reliant cybercrime groups will shift the balance of power within the RaaS eco-kingdom from those who control the ransomware to those who control the victim ’ s networks . Ransomware has generated billions of dollars in recent years and it ’ s only a matter of time before some individuals who believe they aren ’ t getting their fair share become unhappy .
Keep a close eye on API . Recent statistics suggest that more than 80 % of all Internet traffic belongs to API-based services . 5G and IoT traffic between API services and apps will make them increasingly lucrative targets , causing unwanted exposure of information . The connected nature of APIs potentially also introduces additional risks to businesses as they become an entry vector for wider supply chain attacks . In most cases , attacks targeting APIs go undetected as they are generally considered as trusted paths and lack the same level of governance and security controls .
Nation states turn to hackers for hire . In 2022 , we will see an increase in the blending of cybercrime and nation-state operations . In many cases , a startup company is formed , and a web of front companies
or existing ‘ technology ’ companies are involved in operations that are directed and controlled by the countries ’ intelligence ministries . The initial breach with tactics and tools could be similar as ‘ regular ’ cybercrime operations , however it is important to monitor what is happening next and act fast – companies should audit their visibility and learn from tactics and operations conducted by actors targeting their sector .
Rise of smaller affiliates . The Ransomware-As-a- Service ( RaaS ) eco system has evolved with the use of affiliates , the middlemen and women that work with the developers for a share of the profits . However , for a long time , RaaS admins and developers were prioritized as
It is crucial that enterprises stay aware of the cybersecurity trends so that they can be proactive and actionable in protecting their information .
Hijackers will target your application containers . Containers have become the de facto platform of modern cloud applications . In a recent IBM survey , 64 % of adopters expected to containerize over 50 % of existing and new business applications over the next two years . However , the accelerated use of containers increases the attack surface for an organization . And while attacks against containers are not new , in 2022 , we anticipate expanded exploitation on the orchestration layers , increasing use of malicious or backdoored images through insufficient vulnerability checks and increasing attacks targeting vulnerable applications .
Zero cares about Zero-Days . 2021 is already being touted as one of the worst years on record with respect to the volume of zero-day vulnerabilities exploited in the wild . The scope of these exploitations , the diversity of targeted applications and ultimately the consequences to organizations were all notable . As we look to 2022 , we expect these factors to drive an increase in the speed at which organizations respond . As a consequence , we can also expect renewed diligence around asset and patch management . From identifying public facing assets to quickly deploying patches despite potential business disruption , companies will have a renewed focus on reducing their ‘ time to patch ’. p
20 INTELLIGENTCIO AFRICA www . intelligentcio . com