Wednesday, December 29, 2021
Commentary From Crisis Management Expert Edward Segal, Author of the Award-Winning Crisis Ahead: 101 Ways To Prepare for and Bounce Back from Disasters, Scandals, and Other Emergencies (Nicholas Brealey)
The supply chain crisis has not impacted the availability of crystal balls. Indeed, judging by the dozens of predictions I received from cybersecurity experts about possible cyberattacks in 2022, if any of their "guesses" come true, we could be in for a rough ride next year.
Fasten your seat belts. Here are some of their worst-case scenarios.
A Major Vaccine Maker Is Attacked
James Carder, the chief security officer at LogRhythm, has more than 20 years of experience working in corporate IT security and consulting for Fortune 500 companies and the U.S. government. He predicted that, "The supply chain of a major vaccine manufacturer will be halted by ransomware.
"In 2022, cybercriminals will set their sights on carrying out a ransomware attack against one of the pharmaceutical companies producing the Covid-19 vaccine. This will interrupt the production of critical booster shots and keep many other lifesaving drugs from reaching patients. The resulting fallout will fan the flame for foreign and domestic vaccine disinformation campaigns."
Olympic Athletes Are Blackmailed
Carder also thought that, "Hackers will blackmail Olympic athletes during the Beijing Olympics. [They] will breach various athletes' accounts and find incriminating email exchanges regarding the use of performance-enhancing drugs and insight into the individual's personal life.
"This will result in athletes being blackmailed into helping hackers carry out cyberattacks on their home countries or face the release of incriminating evidence," he said.
Cyberthreats Evolve And Fears Increase
Cyberthreat intelligence expert Ross Rustici, a managing director with StoneTurn, predicted that the threats in 2022 "are likely to be evolutionary rather than revolutionary.
"We are likely to see the continued expansion of syndicated and franchised criminal operations, increased dedication to ransom as a primary means of monetization, and continued adoption of new technologies such as deep fakes to make social engineering more effective.
"This will not only impact how business leaders must think about risk but will also be leveraged by threat actors to increase the sense of fear and urgency during an incident."
Malware Is Weaponized
Chris O'Ferrell is the chief threat officer of CodeHunter and a technology executive with over 35 years in the cybersecurity industry. He predicted that, "Extremely advanced, AI-driven, weaponized malware will emerge with the capability to circumvent most (if not all) of the defensive and detection security technologies used today.
'This malware will not be limited to any single type of exploit but rather have the ability to dynamically modify its code 'in the wild' to compromise a wide range of vulnerabilities that exist today."
Business Partners Receive Extortion Demands
Nick Rossmann is the global threat intelligence lead at IBM X-Force, a threat intelligence sharing platform. He said that, "In 2022, we'll see more and more triple extortion ransomware, whereby a ransomware attack experienced by one business, becomes an extortion threat for its business partner.
"Ransomware attackers won't stop at extorting the victim organization for ransom, they will extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption.
"In other words, we will see certain businesses faced with the dilemma, do we pay our supplier's ransom, or can our operations afford and withstand our supplier's downtime? The ripple effect of triple extortion ransomware attacks will force businesses to scrutinize and audit their supply chains' access to their data and the security and policy controls surrounding their trusted relationships."
Scams Use Impersonators
Armen Najarian is the chief identity officer at Outseer, a company in Silicon Valley that's focused on stopping payment fraud. "In 2022, socially engineered scams will become even more lifelike. We've seen scammers get increasingly adept at impersonating C-level executives, colleagues, friends and family members.
"Their timing and writing style [are] improving dramatically, to the point where even sophisticated security industry experts can be fooled. As these fraudsters continue to improve their ability to impersonate and mimic real people, it will get harder and harder for real people to tell what's legitimate and what's a ruse."
The Remote Work Trend Is Exploited
Michael Gorelik is the threat officer and head of threat intelligence at breach prevention firm Morphisec. He said, "The shift to remote work has moved from a temporary measure to help curb the spread of the virus to a more permanent strategy for many businesses.
"This situation has reshaped the threat landscape and has created new opportunities for attackers to change their approach. And we expect this to only get worse in the New Year. With more attackers entering the market with malware-as-a-service campaigns, bad actors will continue to target the essential tools every distributed workforce is using.
"These include virtual private networks and their providers, which have a weak self-security posture, exposed servers, and exchange email services and web applications. Attackers will continue to exploit these servers and services or brute force them due to their inefficient hardening practices."
Attacks Are Launched By Nation-States
Mark Houpt is the chief information security officer DataBank. He said, "In 2022 we will have to be more vigilant for possible nation-state attacks. The rise in tensions between Russia (and aligned nations) and Eastern Europe are of considerable concern at this time, although they may be seasonal and limited in scope.
"Of more long-term concern are consistently rising tensions between China and the U.S., as well as in the Middle East with Iran. Each of these actors has a significant cyber capability. Commercial and critical infrastructure markets would be considerable targets, primarily through disruptive attacks like Ransomware or distributed denial-of-service (DDoS) events.
"With our supply chain currently in stress mode, an attack by a nation-state on this apparatus would further weaken an already crippled field and have a more significant impact on the economy. Most likely, before a war—perhaps in Eastern Europe—goes physical or kinetic, we will see cyber-attack actions increase. Russia is very good at utilizing proxy units to conduct this type of cyberwarfare."
Advice For Business Leaders
Lisa Sotto is the head of the global privacy and cybersecurity practice at law firm Hunton Andrews Kurth. "Every company, regardless of industry sector, will need to be laser-focused on strengthening their security measures.
"Boards of directors and C-suites alike have come to understand that the basic protections, such as multi-factor authentication, patching and access controls, are critical— and that cybercrime could pose an existential risk."
Edward Segal is a crisis management expert, consultant and author of the award-winning Crisis Ahead: 101 Ways to Prepare For and Bounce Back from Disasters, Scandals and Other Emergencies (Nicholas Brealey). He is a Leadership Strategy Senior Contributor for Forbes.com where he covers crisis-related news, topics and issues. Read his recent articles at https://www.forbes.com/sites/edwardsegal/?sh=3c1da3e568c5.