Supply chain cyber attacks expected to increase in 2022
- Published: Tuesday, 02 November 2021 08:20
Check Point Software has released its cyber security predictions for 2022, detailing the key challenges that it expects organizations will face over the next year.
The company believes that supply chain attacks will become more common and governments will begin to establish regulations to address these attacks and protect networks. They will also look into collaborating with the private sectors as well as other countries to identify and target more threat groups operating on a global and regional scale.
Supply chain attackers take advantage of a lack of monitoring within an organization’s environment. They can be used to perform any type of cyber attack, such as data breaches and malware infections. The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred such as Codecov in April, and most recently, Kaseya. Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.
Going into 2022 we will see an increase in data breaches that will be larger scale. These breaches will also have the potential to cost organizations and governments more to recover. In May 2021, US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.
- Misinformation campaigns will return and we will see the advent of ‘fake news 2.0’. In 2022, cyber groups will continue to leverage these types of fake news campaigns to execute various phishing attacks and scams.
- Cyber-cold war to intensify. Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated, widespread attacks. Cyber attacks will increasingly be used as proxy conflicts to destabilize activities globally.
- Mobile malware attacks will increase. As mobile wallets and mobile payment platforms are used more frequently, cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.
- Cryptocurrency to become a focal point for cyber attacks globally. As reports of stolen crypto wallets triggered by free airdropped NFTs become more frequent, Check Point Research investigated OpenSea and proved it was possible to steal crypto wallets of users by leveraging critical security. In 2022, we can expect to see an increase in cryptocurrency related attacks.
- Attackers to leverage vulnerabilities in microservices to launch large scale attacks. With microservices becoming the leading method for application development, and microservices architecture being embraced by cloud service providers (CSPs), attackers are using vulnerabilities found in microservices, to launch their attacks. We can also expect to see large-scale attacks targeting CSPs.
- Attackers to weaponize deepfake technologies. Threat actors will use deepfake social engineering attacks to gain permissions and access sensitive data.
- Penetration tools continue to grow. Hackers will increasingly use penetration tools to customize attacks in real time and to live and work within victim networks.