Cybersecurity Trends for 2022
According to Frank Kölmel, Vice President Central Europe at Cybereason, TÜV SÜD’s cyber-security vendor, the most important Cyber-Security trends for 2022 could be considered as:
RansomOps, supply chain security, and the emergence of private and state-run hacker groups.
According to Cybereason, ransomware attacks will reach a new dimension again this year. The attackers are no longer just small groups attacking on a broad scale. The attackers are more and more organized in structures similar to cartels, following long-term plans and strategies. These attacks are therefore also known as RansomOps.
The attackers are also way more secretive and harder to detect. Their primary goal usually is to gather information on IT infrastructure to find weaknesses that can be exploited and targeted, even more damaging attacks.
Another emerging topic is supply chain attacks. Targeting weak links in a supply chain often has damaging effects on all companies in the chain. Therefore cyber-security must no longer be a topic covered by companies on a ‘standalone’ base, but needs to be addressed and implemented with a common understanding and be actively deployed in every company throughout the supply chain. Only by making it mandatory to adhere to highest professional standards with regards to cyber-security for all companies in a certain supply chain network can the danger of attacks be limited.
The third most important topic for cyber-security experts in 22, according to Cybereason, are governmental hacker institutions collaborating with private hacker groups. International conflicts are more and more transferred into cyberspace. Governments use the experiences and logistics of private hacker groups in order to launch attacks on critical infrastructure and state-owned enterprises and institutions. It’s a classic win-win situation: Governments get intel and may profit from damages to their opponent’s critical infrastructure while the hacker groups get away with large sums of money.
Besides RansomOps, supply chain security and hacker groups, the following topics will also continue to be of importance in 22: Cybercrime-as-a-service is emerging with Amazon-like marketplaces in the dark web offering ransomware and other malware, including highly professional technical support, in a license-fee business model.
These trends also show that countermeasures need to be considered in 22! Awareness is now more important than ever and must be the top priority for companies and individuals. Employees and citizens must be aware of how attacks work, be enabled to detect malicious attachments and know how to proceed in case they did click on the link they shouldn’t have.
Hackers and attackers will always be inventive and find new ways to attack and we will surely see new trends emerging this year. But well-trained employees and citizens play a crucial part in cyber-defense and the harder they make it for the attackers, the less impactful these attacks will be.
Ransomware attacks locks down prison in New Mexico
Earlier this month, a ransomware attack shut down the IT network of the Bernalillo County government. While fortunately crucial services such as 911 call centers, Sheriff’s offices and Fire and Rescue services were able to operate normally, other public services were not available for days. While the attack mostly meant merely inconveniences for the general public, the attack’s impact on the inmates of the Metropolitan Detention Center has been much larger.
The surveillance camera system was down and it was impossible to cover the premise. This “create[d] a significant security concern for the safety of staff and inmates during out of cell time,” as a court filling says.
Wardens had to manually unlock each cell individually when inmates needed to get out for exercise or recreation.
This week the Albuquerque Public Schools were under attack.
Neither the attackers nor the details of the attack and its full impact are publicly known today. Investigations are still ongoing.
Cyber Attack on Ukraine
Ukrainian government websites went down in the early morning hours on Friday January 14th.
The attack hit the security and defense council, foreign and education ministries as well as the embassies in UK, Sweden and the US.
Official websites were taken over and a message was shown announcing, that all data has been “uploaded to the public network [and] is destroyed, it is impossible to restore it.”
According to government officials, fortunately that message is not true and no personal data has in fact been drained from the systems.
However, investigations on the severity of the attack as well as its origin are still ongoing. First websites were already being restored during the course of the day.
According to official sources, 1.200 attempted cyber-attacks have been fought off in just nine months last year. It is suspected that Russia might play a role as tensions between Ukraine and Russia are intensifying. Russian officials denied any involvement.