5 Predictions for Cybersecurity in 2022

Predictions. It seems like everyone is doing them. At Solis Security, we try to change it up a bit, so we are not repeating what others are saying. So, if you don’t see it on here, it doesn’t mean we don’t agree, it probably just means someone else said it already.

  1. The US Government is going to turn up the heat in different ways.

    There are several reasons things will get hotter. First, the Feds have gained some ground with some ransomware takedowns and arrests. It has not stemmed the rate of attacks, but it is progress. They will not want to lose momentum, so you will see them much more motivated to get involved with ransomware/exfiltration cases in 2022. Second, you are seeing more involvement from other agencies like the Secret Service. The FTC has openly commented on an increased involvement with cases related to the recent Log4J vulnerability. Third, because these Federal agencies are being more vocal about what they are doing, and no one wants to be on their bad side, people in the industry are making sure that they are informed of any attacks. Finally, it is a Congressional election year, so someone may look at these as global wins.
  2. Exfiltration Only will become a more prevalent type of incident.

    A couple of years ago it was only ransomware. People finally started to take their backups wisely, so the ransomware gangs added exfiltration as a standard part of their attacks. But why bother with supporting ransomware and dealing with the technical support hassles? Why not just go for the juicy confidential data and extort? We think that will happen. If you can just exfiltrate data and get paid the same, why bother with the overhead of file encryption? 
  3. Log4J.

    There are reports of actual successful exploits by hackers, including ransomware gangs, of this vulnerability. We think the worst is yet to come. Log4J will wear out its 15 minutes of fame and once that 16th minute comes, the real attacks start to happen. Attackers will wait until people dial their Log4J Sensitivity Levels down and then strike, and the damage will be massive. We think the attackers are still working through the most effective ways to leverage this vulnerability and get the most bang for their buck.
  4. Attackers will get smarter.

    This is a bit of a Captain Obvious one, but the way they get smarter is the focus of this point. In 2021, we saw that some ransomware gangs threatened to instantly cut off communications, destroy decryption keys and publish data if they discovered an IR firm was involved. We saw some go completely nameless, most likely in an attempt to subvert sanctions. We have seen others outsource parts of their process to other ransomware gangs, such as using another ransomware gang’s dump/leaksite. As we see with more traditional “tech startups”, these gangs are constantly reinvesting in new ways to grow their bottom line, network amongst themselves, and pivot their tactics based on what the market will bear. Given the number of resources at their disposal with many years of profitable activity, and still minimal legal consequences, we cannot underestimate their growth potential.
  5. There will be at least five major vulnerabilities in 2022.

    What we are referring to here are vulnerabilities like SolarWinds, ProxyLogon and Log4J. There are just too many smart people in the world today looking for vulnerabilities and too many incentives motivating them to do so. These people have different reasons for doing so. It may be for clout. It may be for bug bounties. It may be to sell to cybercriminal gangs. It may be for research purposes. No matter what the reason or reasons are, it will force organizations to remediate quickly or suffer the consequences. 

There you have it – five predictions for 2022. Stay vigilant and prepared!