Victor EzejaDue to increasing activities in the online space, especially after the COVID-19 pandemic lockdown, cyber security has been one of the top issues of concern to management of different organisations globally as Internet hackers keep devising strategies to outwit their victims.
Cyber security experts and advisors at HP Wolf Security have predicted that many organisations indifferent sectors will be vulnerable as a result of supply chain and Ransomware gang attacks that may likely occur in the year 2022.
One of the key trends the experts reflected on is that of supply chain attacks which they said were likely to continue to present new opportunities for hackers in 2022 due to increasing commoditisation of software on supply chain Tactics, Techniques and Procedures (TTPs). Such according to the experts could result in more high-profile victims being targeted.
Supply chain attacks made headlines around the world in 2021. Michael Heywood, Supply Chain Security Lead at HP Wolf Security, said, “We’ll see supply chain attacks continue to rise in 2022 as threat actors search for weak links in software supply chains, targeting software being used widely and globally, or used by a specific company.”
Supply Chain attacks is such that occur when hackers manipulate the code in third-party software components in order to compromise the ‘downstream’ applications that use them to be able to which affords them opportunity to steal data, gain access to other parts of the victim’s network or corrupt targeted systems.
Also on supply chain attacks, Joanna Burkey, Chief Information Security Officer explains, that such approach could create economies of scale for the hackers las known as threat actors. He said, “With the Kaseya breach – which impacted over 1,500 companies – we saw that supply chain attacks can be financially rewarding. This could lead to the continued commoditisation of the Tactics, Techniques, and Procedures (TTPs) used to conduct such attacks. This only adds fuel to the fire, giving threat actors more than enough motivation to exploit software supply chains this year,” Burkey predicted.
Health care firms will not be left of by the threat actors as Robert Masse, HP Security Advisory Board member explains that, “Healthcare firms, as well as those in Energy and Resources (E&R), that use lots of different hardware and software from various vendors will be interesting targets for software supply chain attacks.
He further predicted that “supply chain integrity will be vital in 2022, as attackers begin launching attacks quicker than organizations can invest in secure software development cycles.”
In this regard, Patrick Schläpfer, Malware Analyst, advised organisations to be aware of the threat posed by vulnerabilities in open-source softwares, warning that, “Attackers will proactively inject new threats into open-source libraries that feed into software supply chains. This could lead to more companies being compromised, regardless of whether they have a secure perimeter or good overall posture.”
The second trend they predicted was that ransomware gangs could put lives at risk and engage in ‘pile-ons. Ransomeware is a form of cyber attack in which the operator’s create a malware that invades the victim’s system and threaten to expose their personal data or compromise the system and encrypt the data to block their access, pending when the victim pays a ransom to regain access to their system and data, a form of extortion of the victim.
Ransomware they experts said, will continue to be a major risk this year, with victims potentially being attacked more than once.
On the pattern the gangs will adopt, Senior Malware Analyst at HP Wolf, Alex Holland, said, “Ransomware operators will almost certainly intensify the ways they pressure victims into paying their demands. Beyond data leak websites, attackers are using increasingly varied extortion methods, such as cold calling, and contacting customers and business associates of victim organisations.”
Another trend of cyber attack identified by the experts is weaponization of firmware.
Dr. Ian Pratt, Global Head of Security for Personal Systems said observed that the security of firmware is frequently neglected by organizations, with much lower levels of patching observed. This he said, provides opportunity for cyber attackers to strike and develop weaponized threat to achieve their goal.
Masse said lack of visibility and control over firmware security will exacerbate the issue, and advised that certain “industries where these attacks could be more probable should start thinking about the risks posed by the weaponization of hardware-level malware and exploits,” adding that “they are very difficult to detect even in the best-case scenario.”
“Rogue processes and memory mapping bypasses will be hot topics in 2022, and we can also expect to see threat actors targeting CPUs, the BIOS and microcode as part of a revised kill-chain for ransomware attacks.”
The experts advised that policy makers in cyber security should step in and develop standards for improving firmware security.
The fourth trend in cyber security they identified is that hybrid work and sporting events will create more opportunities to attack users.
Michael Howard, head of security and analytics practice noted that the shift to hybrid work will also continue to create problems for organizational security, saying “Every single employee remains a target for attackers, with the volume of unmanaged and unsecure devices creating a huge attack surface to defend.”
Masse believes such could make it easier for attackers to go after high-profile staff. “Threat actors could start to target the homes and personal networks of top executives, even government officials, as these networks are easier to compromise than traditional enterprise environments,” he stated.
The concluded that a new approach to cyber security is therefore needed.
Ian Pratt said “The rise of hybrid working and continued innovation from threat actors means 2022 has plenty of nasty surprises in store for enterprise security. As a result, we need to go about securing the future of work in an entirely different way. Organizations should embrace a new architectural approach to security that helps to mitigate risk and enable resilience. By applying the principles of Zero Trust – least privilege access, isolation, mandatory access control and strong identity management – organizations can drastically reduce the attack surface and secure the future of work.”
Victor Ezeja is a passionate journalist with six years of experience writing on economy, politics and energy. He holds a Masters degree in Mass Communication.
Follow Us