In the course of 2021, hackers have organized their underground ecosystems better and better, so that in the new year 2022 even more professional attack patterns must be expected. According to the security experts at Radware, ransomware groups in particular are increasingly looking for allies among experienced contract hackers. Attacks on MSPs and 5G network operators are also expected.
For example, ransomware groups Avaddon, SunCrypt, Ragnar Locker, and Hello Kitty are known to use DDoS attacks to add additional pressure to their victims. "Such groups regularly publish messages in which they hire experts in areas such as backup technology - not to fix such systems, but to destroy them," said Pascal Geenens, director of threat intelligence at Radware. “The Lockbit cybercrime gang even runs ads to recruit partners, including the operators of the Mēris botnet.”
The incentives are great. A survey of 300 US IT decision makers found that 83% of ransomware victims paid the demanded ransom. And the demand for underground hacking skills and resources has increased as ransomware operators run increasingly successful campaigns.
From automated to manual
With highly motivated actors awaiting payment from organized cybercrime groups, Radware observes that attacks have increasingly shifted from automated to manually conducted attacks. Agari researchers have found that the reuse of leaked passwords is mostly initiated by people and not automated. And while it can be difficult to defend against automated attacks, it is even more difficult to defend against human intelligence, especially since the attacks are fueled by the prospect of multi-million dollar payments and are correspondingly persistent.
New Threats for Service Providers
Pascal Geenens, Director of Threat Intelligence at Radware (Image: Radware).
Service providers and carriers will also have to defend themselves against new types of threats in 2022. Radware expects a larger number of sophisticated attacks with higher intensity and lower volume. These so-called phantom floods, which go unnoticed especially on high-bandwidth networks, can be just as damaging as the higher-volume attacks that make the headlines. To detect and mitigate this new generation of attacks, network operators must deploy more automated, granular and dynamic security solutions.
According to Radware, this whole scenario will become even more complicated as 5G expands further. "5G will start to realize its full potential in 2022 and will no longer behave like 4G," said Shai Haim, Security Product Marketing Manager at Radware. “Low latency services will emerge and prevail. There will be more movement to the cloud, more edge access points, more mobile services and smarter IoT devices.” To secure this new world order, network operators must protect their services both in the cloud and at the endpoints - seamlessly, without latency and without compromising the user experience.
More at Radware.com
About Radware Radware (NASDAQ: RDWR) is a global leader in application delivery and cybersecurity solutions for virtual, cloud and software-defined data centers. The company's award-winning portfolio secures the company-wide IT infrastructure and critical applications and ensures their availability. More than 12.500 enterprise and carrier customers worldwide benefit from Radware solutions to quickly adapt to market developments, maintain business continuity and maximize productivity at low cost.