The pandemic and subsequent economic shocks have spawned innovations in technology, including large steps forward in the cloud and edge deployments. Longtime businesses are reinventing themselves as contactless online-only experiences. According to Radware’s The State of Web Application and API Protection report, 70% of production web applications now run in cloud environments. This massive shift to the clouds and edges will continue through 2022 and beyond, affecting enterprise security. Below, our experts have reflected on the trends of this year and have come up with the following predictions for 2022.
Predictions from Daniel Smith, Head of Security Research for Cyberthreat Intelligence
Defending the attack surface of the remote workforce
The pandemic accelerated the evolution of many trends – one of them being the adoption of the remote workforce. With more workers connecting from home, organizations now contend with a widely expanded and increasingly diverse attack surface. Security is the main concern, but if businesses want to maintain productivity, service degradation is critical too. Another challenge is the face-to-face gap – the growing reality that employers may never meet their employees in person. This is why organizations will increasingly move to zero-trust models that prioritize security hygiene, defend against social engineering tactics, and protect the organization against the potential threats of remote relationships.
Improving cloud security standards
Cloud computing lacks the security maturity of its on-premises cousin – and by now the “newness” excuse no longer suffices. Cloud computing has been around long enough to have generated a long history of breaches. Increasingly, organizations will seek to better control permissions for cloud-based systems. At the same time, expect more coordinated effort focused on improving security standards more broadly within and across industries. While moving to the cloud brings tremendous advantages of scale and agility, it also brings increased responsibility to secure cloud environments.
Maintaining readiness and limiting opportunities for attacking global supply chains
One outcome of the pandemic has been persistent disruptions to global supply chains. Expect these to last through 2023. In the meantime, threat actors are focusing in on new ways to attack the information and communications platforms used to manage an increasingly vulnerable physical supply chain worldwide. Look for more distributed denial-of-service and ransomware attacks in 2022 – and expect organizations to remain in a high state of alert as they seek ways to limit opportunities for threat actors to succeed.
Addressing cyberattacks as proxies for nation-state activity
It is hardly news that nation-states exploit cyber vulnerabilities to advance their political agendas. But as this behavior continues into 2022, nation-states are poised to pull far ahead of the abilities of almost any organization to maintain a defense. In response, it’s reasonable to expect organizations to take sides – perhaps using physical location as the basis for blacklists to block out certain nation-state actors and regain the advantage in an ever-escalating cyber war.
Protecting the security industry itself
Malicious nation-states and organized criminals will be trying out a relatively new tactic in 2022. Look for these threat actors to find new ways to use the security industry as a resource – perhaps leveraging information security professionals and resource-constrained organizations to breach systems. The security industry itself isn’t immune to hacking and cyberattacks. It needs to remain on guard.
Going on the offensive
An escalation in the overall cyber war is coming. While cyber defense remains foundational, global law enforcement agencies will go on the offensive in 2022 to send a message to threat actors that hacking is not free of consequences. The distressing point is that offensive cyber campaigns of the past have had little success. Nevertheless, public and private sector organizations alike should be prepared as global law enforcement entities hack back with offensive operations in 2022.
Prediction from Prakash Sinha, Technology Evangelist and Senior Director of Corporate Marketing
Building stronger bot, API and application security defenses
“As more cloud and on-premise applications use open APIs, scraping and bot attacks on applications will continue to increase. Looking forward, organizations will need to evaluate and invest in better security mitigation technologies to address bot protection, API and application security, and data leak prevention. In addition, they’ll need to look at entitlements and permissions to access APIs, applications, and user data. In 2022, we should also expect to see bigger investments in more advanced visibility tools as well as forensics tools that provide actionable insight for management, monitoring, auditing, compliance, and troubleshooting.” Excerpt published in Solutions Review, “32 Experts Share Advice on Information Security in 2022,” December 6, 2021
Prediction from Shai Haim, Security Product Marketing Manager
Preparing service providers for more granular attacks
“In the world of carriers, several predictions paint a picture for 2022. For starters, some of the same attack trends we saw in 2021 will continue into next year. Expect to see a greater number of more sophisticated, higher intensity attacks at lower volumes. But don’t be fooled by lower volumes. Phantom floods – the relatively low volumetric floods that fly under the radar, especially in high bandwidth networks – can be equally as disruptive and damaging as the higher volumetric attacks that make news headlines. To detect and mitigate this new generation of attacks, carriers will need to use more automated, granular, and dynamic security solutions.” Excerpt published in Solutions Review, “32 Experts Share Advice on Information Security in 2022,” December 6, 2021
Predictions from Pascal Geenens, Director of Threat Intelligence
Warning small to midsized businesses
“Organised cybercrime, in the form of ransomware operators, has recently taken a greater interest in small and mid-size organisations. Operators understand it is not always the best tactic to go after the largest targets first. And they are becoming more aware of the implications of not only attracting the attention of authorities but also getting caught in the crosshairs of their cybercrime crackdown. We saw an example of this when Blackmatter, a respawn of DarkSide, announced that it was shutting down operations due to pressure from law enforcement.
Going forward, expect to see more focus on small and mid-size businesses by criminal operators. Smaller targets are lower profile. Even if their payoffs are less rewarding than their enterprise counterparts, they come with significantly lower risk.”
Zeroing in on Zero-Day Attacks
“This year, Radware has seen an increase in zero-day attacks by more advanced threat actors, and the company’s researchers expect this trend to continue. Given the large amounts of cryptocurrency that ransomware operators have collected, it is not unthinkable that they could now also become future customers of zero-day merchants.” Excerpt published in InfoPoint Security, “Radware over 2022: Ransomware Meets Zero Day,” December 16, 2021.