May 26, 2022
2022 Top 3 Emerging Security Threats
2022 Top 3 Emerging Security Threats
What are 2022’s top emerging cyber security threats? Frankly, they are in areas that we have been aware of for years, but not focused on in our security.
Identity attacks have been going on for years, but many companies are not willing to invest in security that requires integration across all IT and security solutions.
Ongoing changes in the way we deploy our people and technology has created big security holes around our systems, applications, and data.
Lastly, criminals have turned malware into a business which can be deployed against companies of any size easily. Our security responses have not risen to the challenges.
Here are three major areas that we need to start focusing with our security or we may become the next news headline.
#1 Identity Attacks
Identity attacks are a top emerging threat and were the top attack path used in 2021. Stealing identities gives criminals the keys to your IT kingdom. Identity theft is an attack vector used by all of the top security attacks social engineering, hacking and malware attacks.
IAM system attacks are also on the rise, in some cases giving access to all of a company’s credentials.
With the majority of breaches involving stolen credentials, login access control needs to be a top priority
Identity Attack Controls:
- Strong Access Control
- Authentication control – Multi-factor Authentication (MFA)
- Authorization management: least privilege, define access roles, responsibilities, keeping these current
- Employee Training – Computerized Security Awareness Training (SAT)
- 24×7 security monitoring using a SIEM alerting on violations
- Strong Access Control
#2 Attack Surface Expansion
Company’s human, systems, and data assets are now heavily distributed across the cloud. Traditional security solutions are no longer adequate to protect in this attack surface expansion. Company assets are now accessible by any person with Web access. Additionally, data and applications are increasingly hosted by and controlled by 3rd parties in their cloud environment.
For these reasons, attack surface expansion is a major emerging security threat. As a result, customers now have limited visibility into their asset security and limited control. Companies are left with leaving much of their security up to 3rd parties. Faith is good, but when it comes to security it is definitely not a strategy.
Cloud Infrastructure – Servers
The move to the cloud is proceeding at a fast pace by all company types. Companies are moving to the public cloud at a growth rate of greater than 20% through 2025 according to IDC. The adoption of private cloud infrastructure is growing at over 30% per year through 2025.
Cloud Apps (SaaS Apps)
It is estimated that nearly 80% of companies now have all their applications in the cloud. SaaS applications are more the norm than the exception because of their convenience.
- Lack of employee use visibility (which apps and how used)
- Lack of control over employee use
- Lack of control over data security
Post Covid, companies are having to deal with employees working from home. It is expected that for most company’s employees working from home will continue forever.
Cloud Threat Controls
Cloud Infrastructure Controls
- Cloud firewalls
- Cloud EP/EDR protection for server
Cloud App Controls
- CASB security to provide visibility and control over usage of 3rd party apps.
- ZTNA (Zero Trust) helps to control employee access and data usage
Remote Worker Controls:
- Secure Web Gateway (SWG) – Web browsing
- Email Security
- ZTNA (Zero Trust) – to control employee access and data usage
- Strong Endpoint security with EDR
Controls Supporting all Cloud Risks Areas Above
- 24×7 SIEM monitoring, detection & response
- Strong access controls – MFA, user role management
#3 Evasive Attacks
Attacks that are evasive and hard to detect are a major emerging security threat. Zero Day malware has been around for a while, but continues to be a major problem with ransomware in 2021 at 25% of all breaches. Supply chain attacks have been in the news and present very different, but difficult challenges to prevent and thus must be detected after the attack starts.
Zero Day Malware
Advanced malware that morphs quickly or that is difficult to build static protection for, is known as Zero Day. This type of malware must be detected with dynamic solutions (like AI/ML, behavior-based security, etc)
- Realtime morphing attacks that cannot be prevented by static security like signature antivirus solutions. These attacks are AI driven and can morph attacks so that they are hard to detect
- Malware kits enable a broad range of criminals to attack with sophisticated automated software. Attacks are made possible via malware kits that can be purchase on the dark web
- A very high percent of attacks are complex and multi-step making them hard to detect since they are designed to fly under that radar.
- Ransomware has grown to 25% of all breaches in 2021. So threats are real and damaging.
- The result is that attacks are hard to prevent and thus require advanced monitoring, detection and response solutions to catch and stop attacks after they have started.
Supply Chain Attacks
Supply chain attacks are caused by partners that introduce risks into your business and result in your being attacked. Software supply attacks can be caused by simply updating your software with software that has malware injected into it.
The problems with preventing supply chain attacks is that they occur because you naturally trust your partners and suppliers. So, solutions typically depend on monitoring, detecting, and responding to attacks after they begin.
Evasive Attack Controls:
- 24×7 security monitoring using a SIEM provides monitoring, detection and response to threats and attacks. Since many attacks are not preventable, they must be detected after the fact.
- Advanced endpoint security including EDR for normal endpoints and servers
- System and Data backups with offline storage
- Use of strong authentication software like Multifactor authentication (MFA)
- Role based authorization controls (least privilege access)
- Web & Email Security – since these are high use attack vectors and deserve great security
As always, Contact Us to discuss how we can help you assess if you are ready for these 2022 top emerging security threats and how to respond.