Social media platforms – fastest growing threat surface in 2022?

Social media platforms will not only be experiencing even more attacks but will also become the fastest-growing attack surface in 2022.
30 November 2021
  • Social media platforms will become the fastest-growing attack surface in 2022
  • Dependence on social media platforms may lead to the evolution of ransomware tactics
  • Organizations will not have enough cybersecurity skills to deal with increasing cyberattacks 

Social media platforms have been a mainstay in personal lives for some time, and continue to play an integral role for businesses. Despite the numerous criticisms of social media platforms, their influence remains critical for most business operations that intend to reach a wider audience.

However, with a growing reliance on social media platforms like Facebook, Instagram, Twitter, TikTok, and WhatsApp for business, cybercriminals are also now finding ways to wreak havoc on organizations that rely on them.

In fact, PhishLabs’ Quarterly Threat Trends and Intelligence Report indicated that social media threats targeting enterprises have increased by 47% since January 2021. While the attack volume varies by industry, the average organization is now being targeted on social media with increasing frequency.

The FBI’s Internet Crime Report 2020 showed that victims in the U.S. have lost over $155 million to social media-enabled cybercrime. The National Retail Federation also reported that Gen-Zers look to social media for inspiration, with around half of college students purchasing products on Instagram.

According to Ben Smith, Field CTO at NetWitness, social media platforms will not only experience even more attacks but will also become the fastest-growing attack surface in 2022. Smith believes that today’s social media platforms represent the biggest, cheapest, and fastest method for an adversary to effect change in the physical world. And it is not by destroying equipment as part of a cyberattack, but by mobilizing humans towards the adversary’s goals.

“Disinformation, and its skillful development and deployment, will produce real-world physical effects,” explained Smith.

A love-hate relationship with social media platforms

At the same time, Smith also believes that dependence on social media platforms will lead to the evolution of ransomware tactics. The “double-extortion” model, whereby data is encrypted and the adversary simultaneously threatens to release the data, will persist.

Smith elaborated that, much as there have been every year, there will be new combinations of existing tactics, as attackers continue to innovate in how they run their own revenue-generating business operations for the greatest efficiency. More worrying is that attacks launched from locations not addressed by the US legal system will further complicate response efforts.

Staying with regulations, Smith highlighted that many organizations scrambled to keep moving forward in the chaos that was early 2020, and there were shortcuts and other compromises in that compressed timeframe.

“Some companies found that their pre-pandemic architecture was built with assumptions about where data is typically handled – and with the remote workforce wave, these legacy data handling practices didn’t keep up with new geographies,” commented Smith. “What was previously not a compliance issue, may be one today. Regulators will start to notice this and take action.”

Interestingly, Smith also highlighted that privacy legislation will accelerate globally.

“Data residency will continue to be an important component at the national level worldwide. Regardless of your corporate size, if you are charged with securing your global organization, be thinking about your own architecture and where the data is collected, where it lives, and where it is handled – these may be three different jurisdictions,” he continued. “The flexibility of your current architecture will become even more important as new privacy regulations are passed and enforced.”

Are organizations prepared for 2022?

With that said, Smith pointed out that nation-state actors will also continue to prepare the battlefield for future action. For Smith, sometimes an attack against critical infrastructure is deployed to cause an immediate effect, but sometimes the attack is carried out simply to leave behind code that may prove useful to the adversary in the future.

“Nation-states are not petty thieves rattling door handles as they walk around. They are canny and deliberate and are thinking about long-term gain, not short-term disruption,” added Smith.

With cybersecurity issues generally expected to increase next year, Smith is also worried that the cybersecurity skills gap will only widen. Despite a large number of educational programs and certifications designed to demonstrate proficiency as a cybersecurity professional, those numbers will be outstripped by the number of new jobs which must be filled.

“Smart organizations will relax their ‘perfect candidate’ standards and widen the net to find good people. Do you really think that attackers have ‘the right security certifications’ that you demand of your new hires?” asked Smith.

The reality, alas, is that social media platforms will most likely be a gateway to more cyberattacks in the future. Organizations need to ensure they are aware of how such platforms are used and that they have full visibility into what goes on there.