Weaponized social media cyber attacks predicted in US and elsewhere in 2022
Cyber attacks in the US continue to increase despite numerous efforts by enterprises and the government. While ransomware remains the biggest culprit in most attacks, state-sponsored hacking has also been increasing and continues to target critical infrastructure, where an attack can disrupt the supply chain.
In fact, cyber-attacks in the US have caused so many disruptions that US President Joe Biden has asked tech companies and enterprises to make cybersecurity their main priority. The President has also had several discussions with world leaders on ways to handle the situation and exchange intelligence on cybercriminals.
According to the Identity Theft Resource Center’s Q3 First Half Data Breach Analysis, the number of publicly reported data compromises through September 2021 has exceeded the total number of events in 2020 by 17%. The trendline continues to point to a record-breaking year for data compromises.
As cyber-attacks in the US increase, big tech companies have also made several announcements on how they plan to deal with the issue after having discussions with the government. For example, Microsoft has launched a national campaign to train a quarter of a million students to expand the cybersecurity workforce.
While governments and tech companies continue to find ways to reduce cyberattacks, cybercriminals are also planning more ways to wreak havoc on organizations. Predictions by cybersecurity vendors show that nation-state hackers are now looking to weaponize social media to target more enterprise professionals and infiltrate organizations for their own criminal gain.
Weaponizing social media is one of the many methods in McAfee Enterprise’s and FireEye’s 2022 Threat Predictions. The report examines the top cybersecurity threats they predict enterprises will face in 2022. Bad actors have taken note of the successful tactics from 2021, including those making headlines tied to ransomware, nation-states, social media, and the shifting reliance on a remote workforce.
“Over this past year, we have seen cybercriminals get smarter and quicker at retooling their tactics to follow new bad actor schemes – from ransomware to nation-states – and we don’t anticipate that changing in 2022,” said Raj Samani, fellow and chief scientist of the combined company.
“With the evolving threat landscape and the continued impact of the global pandemic, enterprises must stay aware of the cybersecurity trends so that they can be proactive and actionable in protecting their information,” added Samani.
The report highlights the growing concern over the methods nation-state hackers may use to infiltrate organizations. Apart from weaponizing social media, nation-states may increase their offensive operations by leveraging cybercriminals, prompting companies to audit their visibility and learn from operations conducted by actors targeting their sectors.
Ransomware cyberattacks in the US will continue
Ransomware is also expected to remain a menace in 2022. Ransomware-as-a-Service (RaaS) will see the balance of power shift from those who control the ransomware to those who control the victim’s networks.
“As more ransomware players have entered the market, we suspect that the most talented affiliates are now able to auction their services for a bigger part of the profits, and maybe demand a broader say in operations. For example, the introduction of Active Directory enumeration within DarkSide ransomware could be intended to remove the dependency on the technical expertise of affiliates. These shifts signal a potential migration back to the early days of ransomware, with less-skilled operators increasing in demand using the expertise encoded by the ransomware developers,” explained Samani.
5G and IoT traffic between API services and apps will make them increasingly lucrative targets, causing unwanted exposure of information in 2022 as well. For developers, building an effective threat model for their APIs and putting a Zero Trust access control mechanism in place should be a priority, alongside effective security logging and telemetry for better incident response and detection of malicious misuse.
Containers will also be targeted, as expanded exploitation of containers and vulnerable applications will lead to endpoint resource takeovers. The exploitation of public-facing applications is a technique often used by APT and ransomware groups. The Cloud Security Alliance identified multiple container risk groups, including Image, Orchestrator, Registry, Container, Host OS, and Hardware.
Patching cyber-attacks globally
Lastly, when it comes to zero-day attacks, the time to repurpose vulnerabilities into working exploits will be measured in hours, and there is nothing enterprises can do about it except patch. From identifying public-facing assets to quickly deploying patches despite the potential business disruption, companies will have a renewed focus on reducing their time to patch in 2022.
While cyber-attacks in the US remain high, the issue is a global problem. From patching to weaponized social media to RaaS, the reality is that enterprises all over the world need to ensure they are prepared to deal with these attacks. They need to be able to identify vulnerabilities in their systems, patch them, and have sufficient visibility on their employees.
Just as governments and enterprises continue to work together to deal with the problem, cybercriminals will also work together to find ways to cause more problems for them. 2022 is just a couple of months away, but the signs are showing that cyberattacks are only going to get more complicated and menacing in the future.
29 November 2021
26 November 2021