Connect with us


Security predictions for 2022

Security predictions for 2022 3

Security predictions for 2022 4By Guido Grillenmeier, Chief Technologist, Semperis 

Attackers will find routes into the cloud that start on your on-premises server 

On-premises Active Directory (AD), Windows’ directory service, remains a wide open weak spot in most companies. As the core of Windows operating systems, AD manages user permissions and holds the key to numerous business-critical processes and services – but its default configuration makes it an easy target. While businesses are increasingly shifting workloads from on premises to the cloud, AD remains a foundational piece of infrastructure for both environments for 90% of organisations, and it’s not going anywhere anytime soon. Cybercriminals know this and are increasingly using AD weaknesses as an inroad for attacks against data and applications in the cloud, thus bypassing classic cloud protection systems.

Attackers will increasingly target identity systems 

As the recent Facebook outage showed, when core identity providers go down, those applications that depend on them for user authentication are affected too. The more users rely on shared infrastructure, the more impactful outages will be. This makes large identity providers a perfect target for hackers. For the fast-growing number of businesses around the world that depend on the Microsoft Azure cloud, Azure AD acts as a major identity provider, authenticating countless users every minute. Hackers compromising Azure AD could therefore take out several apps at once and do damage on a large scale.

Zero trust will become the default in many organisations 

With hybrid workspaces here to stay, organisations need to ensure safe identity management in the cloud. More businesses will adopt zero-trust authentication and access models as the necessity for the protection of cloud identities increases.

Sophisticated ransomware attacks will come from unsophisticated attackers 

Sophisticated ransomware attacks are no longer the preserve of nation states. In 2022, anybody can access the tools to carry them out. Ransomware-as-a-service is another way that unskilled actors are getting the job done—by contracting out to groups like LockBit 2.0 to do the dirty work. As attackers seek to make maximum profit, campaigns that steal and threaten to reveal information gain popularity. Once data has been extorted, attackers may then come back asking for regular payments.

The ransomware crisis will reach fever pitch before governments take significant action – fuelled by the fact that there is no shortage in vulnerable systems that can be attacked. What’s worse, any remaining morality filter has been removed. Attackers no longer care about the physical impact they cause, for example by attacking critical infrastructure and hospitals where lives could be at risk. As a result, critical everyday services could become unavailable, prices could go up and we could find ransomware affecting our daily lives.

A rise in intellectual property theft 

Large companies will have a hard time protecting their intellectual property against digital espionage. Businesses are having to manage increasingly complex IT systems with the same or fewer staff, and are finding it difficult to fill highly skilled security positions. Cybercriminals will continue to find easy ways into an organisation by attacking a smaller or newer company higher up the supply chain that hasn’t got strong cyber defences in place, so there is no doubt that we will see more supply chain attacks in the new year. We may see bad actors deploying artificial intelligence as they have the money and resources to do so.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2022
2022 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now