Mandiant publishes its report "14 Cyber Security Predictions for 2022 and Beyond," which predicts the biggest cyber threats for years to come. Those forecasts were made on the basis of current knowledge and trends.
The past two years have been shaped by the pandemic. Remote work is still changing the attack surface of many companies significantly. In addition, groups of hackers are constantly evolving, learning from their mistakes and changing their tactics, techniques and procedures. It is all the more important to keep an eye on developments, to always be one step ahead of the attackers and to close open security gaps as quickly as possible.
The only constant is inconsistency
“The only constant in our industry is the volatility in the cyber landscape. The attackers are constantly evolving and becoming more and more sophisticated - companies in the DACH region have to keep pace here, "says Mike Hart, Vice President Western Europe at Mandiant. “Many companies are satisfied as long as they can present something to the board of directors. The security concept is often not based on a solid strategy and silo solutions are often used. Gradually, however, companies are realizing how important a holistic view is and that they should be aware of the threats relevant to their industry and region. Our forecasts give security managers an overview of what to expect in 2022 - based on the developments we are currently observing. Businesses have a lot to consider for the next year, but if they stay vigilant, they can defend themselves against future attacks - and respond to those that inevitably happen. "
Most important forecasts for the DACH market
Ransomware
More attacks and new tactics - Ransomware attacks have increased significantly over the past decade. There have been national and international efforts to make ransomware less profitable for hackers and to prevent operations, but these have so far been unsuccessful. Cyber criminals, for example, simply use another ransomware-as-a-service partner and continue their operations if the authorities come dangerously close to a group. In addition, it is becoming more and more difficult to assign attacks as hacker groups cooperate with one another to join forces. Mandiant expects new tactics in its 2022 forecasts, for example by trying to recruit insiders within the target organization. It can also be assumed that hackers will increasingly punish victims who seek professional help to negotiate the extortion money.
Operational Technology (OT) increasingly in focus
Mandiant has observed that hackers with little experience are increasingly targeting corporate OT because they have found it can have a big impact. The OT, which is often comparatively old and difficult to patch, poses a great risk if it is left unprotected. In particular, since OT and IT are increasingly being linked with one another in the course of the digital transformation - for example in the automotive industry. In 2022, such attacks will increase and more ransomware will be used. Germany is a popular destination because of its strong manufacturing economy. In the event of attacks on critical infrastructures in particular, the pressure to pay is high for companies, as there is a risk of significant effects on the health and well-being of the population.
Russia as a source of hacker attacks
Throughout 2021, Russia was the origin of numerous hacker attacks on NATO, Eastern Europe, Ukraine, Afghanistan and the energy sector. Mandiant expects the country to remain aggressive in 2022, increasingly targeting supply chains and software supply chains. Supply chain attacks can have an industry-wide impact. The UNC2452 group's SolarWinds attack campaign showed that Russia continues to use innovative tactics. These are expected to become more sophisticated and extensive.
China's economic expansion
China will continue to be very aggressive, particularly in supporting the Belt and Road Initiative through cyber espionage. Now that the Ministry of State Security (MSS) and the People's Liberation Army have largely completed their restructuring, they will be much more focused in their operations. China has shown itself ready to expand its operations and take steps it was not ready to take before. As geopolitical tensions continue to rise, the big question is, "When will China use its known but untapped destructive capabilities?"
The cloud leads to new weak points
Mandiant's safety forecasts for 2022 (Image: Mandiant).
At a time when companies are increasingly relying on cloud providers, there is increasing pressure for those providers to guarantee the availability and security of the cloud. Mandiant assumes that hacker attacks on cloud resources will continue to increase with increasing cloud adaptation. Above all, errors, weaknesses, misconfigurations or failures on the part of third-party providers are exploited. For organizations, this means that they have to work intermittently and deal with an incident without being the primary target and possibly without a full picture of the attack history in internal logs.
Internet of Things (IoT) as a large-scale target
In the coming years, Mandiant expects a steady increase in IoT devices on the market. Many of these are developed as cheaply as possible and without really taking the necessary security requirements into account. Because the devices are interconnected, they offer a great target with serious potential for repercussions. In addition, security patches for newly discovered vulnerabilities have to be installed by the users themselves, but they are often not aware that an update is required or they ignore it. It will be years before a secure IoT landscape is in place.
The full report "14 Cyber Security Forecasts for 2022 and Beyond" is available for download.
More at Mandiant.com
About Mandiant Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response. With decades of experience on the cyber frontline, Mandiant helps organizations confidently and proactively defend against cyber threats and respond to attacks. Mandiant is now part of Google Cloud.