2021 was no easy year for anyone, including cybersecurity experts. With many cyber-threat fears coming true, from cloud security threats to deepfakes, some worry about what 2022 might bring. Here Neil Ballinger, head of EMEA at automation parts supplier EU Automation, discusses cybersecurity predictions for 2022. 

In 2021, many organisations were slow to adapt to the new security climate. However, with ransomware becoming one of the most concerning trends for 2022, businesses will need to adapt their cybersecurity quickly in preparation.

Typically, ransomware gains access to organisations via phishing attacks conducted on an organisation’s employees by tricking them into providing details or clicking a link that will download the malware. This works by infecting devices with a virus that encrypts files and refuses to reveal the decryption key until a ransom is paid. In some cases, hackers threaten to publish the data publicly if the victim does not comply with their requests.

In 2021, the number of ransomware attacks grew substantially, targeting, among others, critical infrastructures such as water treatment facilities. One example is the attack on a water treatment facility in Florida that could have endangered many lives. Other notable attacks on critical infrastructure include targeting hospitals and gas pipelines.

Many believe that this trend will only continue into 2022. In fact, research by PwC shows that 61 per cent of UK executives expect a boom in ransomware incidents. As a result, 63 per cent of them are increasing their cybersecurity budgets for 2022. But what are the main access points for cybercriminals, and how are these attacks typically carried out?

Social engineering 

Cybercriminals usually carry out these attacks by exploiting an employee to gain access to an organisation’s system. Social engineering is a term used to describe a range of malicious activities achieved through human interactions, usually using psychological manipulation to trick employees into making security mistakes or giving out sensitive information. Although social engineering is nothing new, it is predicted that it will grow in popularity in 2022 due to the success of hybrid and remote working initiatives.

Cybercriminals will often investigate an employee to gather necessary background information. The attacker will then try to gain their trust using this information to persuade them to release sensitive data or give access to the network. Other techniques used to gain access to company networks include phishing, spear phishing, baiting, scareware and pretexting.

The method of gaining access to a network may differ, but the best way to combat these attacks remains education. By educating employees on cybersecurity, such as advising them not to open any links they are unsure of, not using unapproved USB devices or giving out company details, and connecting only from secure networks, companies can limit the risk of being a successful target.

IoT

As of 2021, the number of IoT-connected devices was approximately 13.8 billion. The increase in popularity of internet-connected devices means that enterprises are able to collect valuable data to care for their equipment and optimise processes. However, IoT connections also provide more access points to digital systems, which can be exploited by cybercriminals. With the number of IoT devices expected to increase to 25.4 billion by 2030, exposure is also set to increase.

As IoT devices become prevalent, they also become more advanced, with many businesses investing in the development of digital twins. The term was first coined in 2002 by Michael Grieves and describes comprehensive digital simulations of systems or businesses from reconstructed sensor data, allowing for manufacturing processes to be tested prior to implementation. This technology allows companies to gain insight into operation improvements, efficiency or issues. However, it also holds a gold mine of data and provides access points for exploitation.

The threat of IoT devices has long been recognised, with past attacks gaining access through connected systems such as PLCs to gain access to companies’ valuable data. Edge computing can limit data exposure, but this solution alone does not erase all risks.

So, what can manufacturers do? The usefulness of IoT devices to manufacturing is undeniable, but with the shadow of cyberattacks growing, companies should start securing their IoT devices now. To protect against these attacks effectively companies should conduct regular audits of all connected devices to assess any vulnerabilities.

Supply chain attacks

Attacks on supply chains have long been a threat to businesses. The significant increase in software supply chain attacks makes it a likely threat for 2022.

Supply chain attacks are effective in causing mass disruption to a business by taking down their software supply chain and services. There are many methods a cybercriminal could use to attack a supply chain, for example by attacking website builders, third-party software providers or third-party data stores or by carrying out a watering hole attack.

We can expect these attacks to continue in 2022 but with the added worry of their possible commoditisation, meaning that cybercriminals will see value in these attacks and be more likely to risk carry them out. This commoditisation is anticipated to encourage even less-skilled attackers to perform supply chain attacks.

Microsoft advises protecting against supply chain attacks by deploying strong code integrity policies, allowing only authorised apps to run and using endpoint detection and response solutions to detect suspicious activities.

The increased threat to cybersecurity does not negate the benefits of using technology such as IoT devices. Education is the best form of defence against all cybersecurity threats — the more you know about network vulnerabilities, the better you can protect them.