From a CISO’s point of view, 2021 was not a very good year. It started with a scramble to address the SolarWinds cyberattack and is ending with record-breaking highs in ransomware attacks. CISOs have had to deal with juggling a hybrid workforce with continuing security issues caused by COVID-19 and a skills shortage, cyberattacks on the critical infrastructure, understanding what the growth in cryptocurrency means for cybersecurity, and handling the usual everyday issues in the life of a CISO.
With 2021 approaching the rearview mirror, we can expect more of the same with some added twists in the year ahead. Reviewing the cyberattacks that CISOs had to address, either directly or indirectly, along with trends and issues that surfaced can help us anticipate what lies ahead in 2022.
Ransomware isn’t going anywhere. One report said there were nearly 500 million attempted ransomware attacks by the end of September. We can expect that number to be closer to 700 million by the time the ball drops on New Year’s Eve. The banking industry alone saw ransomware attacks increase by more than 1,300% in 2021.
Perhaps no ransomware attack had a higher profile than the one on Colonial Pipeline, which gave Americans their first real taste of how devastating cyberattacks can be on critical infrastructure. Even though this attack was on the financial part of Colonial’s business, it effectively shut down the flow of oil to the eastern part of the country and caused considerable panic.
The Colonial Pipeline attack could have been much worse, just like the ransomware attacks on Kaseya (which impacted the IT infrastructure of some of the largest companies in the world) and meat processing company JBS Foods. We don’t know how much these attacks have impacted current supply chain woes, but they certainly didn’t help. We’re always one attack away from a breach that takes down the energy grid or food supplies for extended periods of time. The only solid way to prevent this from happening is with tools that continuously monitor and assess your company’s ransomware susceptibility.
While attention has been heavily focused on ransomware this year, one of the trends we’ll be looking at a lot more next year is website cloning and online fraud problems. Consumers and brands are both being frauded by cyberattacks that are generated overseas. The fraudsters target well-known U.S. brands, whether they’re banks, Big Tech companies, or even cryptocurrencies, with the hopes that the consumer will be unaware that the link they are clicking is taking them to a clone of the real website. Thinking they are on the proper site, the consumer enters their log-in and other sensitive information, which leads to credential theft, account takeovers and bigger headaches as the credential stuffing attacks snowball.
Addressing website cloning requires an offensive strike. CISOs will need to use cybersecurity tools that can identify scams as soon as they materialize and shut them down before they reach consumers, employees, or other online users.
Cryptocurrencies ready to go mainstream
Despite the general lack of understanding of how cryptocurrencies work, they have entered mainstream America in 2021. LA’s Staples Arena has been renamed Crypto.com Arena. The incoming mayor of New York City announced plans to take several months’ salary in cryptocurrency.
But even as it moves into the mainstream, crypto remains the currency of cybercriminals and ransomware payments. As more organizations and consumers use cryptocurrency, it could result in even more ransomware attacks or other illegal attempts to get at the digital currency. And unlike money in the bank, which is protected by federal regulations and replaced if the bank is robbed, once someone gains access to your digital wallet, that money is gone for good.
Protecting cryptocurrency takes multiple forms. First, ransomware needs to be stopped along with the need to use crypto to pay ransoms. Second, the cryptocurrency itself needs protection, and that could be done through diversifying crypto portfolios – in other words, not having it all in one digital wallet and having wallets that aren’t connected to the internet.
Government security plans
We saw some movement to improve cybersecurity with the White House releasing an Executive Order that, among other points made, supports the removal of barriers for threat sharing information between agencies. The order stated: “Removing these contractual barriers and increasing the sharing of information about such threats, incidents, and risks are necessary steps to accelerating incident deterrence, prevention, and response efforts and to enabling more effective defense of agencies’ systems and of information collected, processed, and maintained by or for the Federal Government.”
As we move into 2022, expect to see a growing trend toward greater collaboration between the public and private sectors. Groups like the Advanced Cyber Security Center will become increasingly critical and more formalized, and commercial organizations – those that need cybersecurity and those who provide cybersecurity – will have to be more collaborative with federal agencies about how to address threats. Foreign-based hackers and nation-state threat actors already support each other to better launch attacks, so it is time we work together to better protect from those attacks.
The Great Resignation
In 2020, employees stayed home to prevent getting and spreading COVID-19. In 2021, employees are staying home because they want something else, something their jobs didn’t offer. The cybersecurity profession was already dealing with the skills gap and millions of open jobs. Now it is impacted by the Great Resignation, with the best people jumping ship and taking their knowledge with them. Whether it is early retirement or moving to positions or careers with less stress, CISOs will be tasked with filling a knowledge gap that is widening, and it has to be a top priority. After all, even though the defenders are walking away, hackers aren’t retiring. In fact, they are becoming more industrious in their efforts, and CISOs won’t be able to stop them alone.
Predicting the cybersecurity landscape in 2022
Predicting what will happen in the year ahead is, well, unpredictable. But taking a retrospective view of this past year can help improve enterprises’ cybersecurity posture and offer additional chapters in a CISO’s best practices handbook.