In recent years, the world of cybersecurity has been turned upside down. As government employees shifted to remote work, new vulnerabilities emerged, and bad actors continued to innovate.
Around this time last year, the Sunburst hack was discovered. Malware inserted into the software compromised a long list of organizations, including numerous federal agencies. Then, in May of 2021, hackers targeting the Colonial Pipeline shut down thousands of miles of fuel transport and demanded a significant ransom. But while these attacks made headlines, hundreds of other cyberattacks flew under the radar. In fact, according to Redscan Labs, more cybersecurity vulnerabilities were reported this year than ever before.
To help prepare government employees to face new cyber challenges and the growing number of cyberattacks, here are three predictions on what’s to come in the year ahead.
Militaries will leverage cyberattacks: Earlier this year, a disruptive and high-profile ransomware attack on Colonial Pipeline halted thousands of miles of pipeline and disrupted a large part of the East Coast of the United States. Going forward, I expect more nation states will look for vulnerabilities in government and critical infrastructure as an alternative to warfare, or as part of it. The use of cyberattacks in warfare isn’t new, however. For instance, in 2017, the Russian military launched a cyberattack that planted ransomware in numerous multinational corporations. Many years before that, a sophisticated computer worm called Stuxnet, reportedly a joint creation of the U.S. and Israel, destroyed nearly one-fifth of Iran’s operating centrifuges, which are used to enrich uranium for nuclear power. But in 2022 and beyond, we expect military-sponsored cyberattacks to become frequent. Kinetic efforts will be preceded by cyberattacks, similar to a naval bombardment prior to launching a beach assault in WWII.
Criminals will imitate successful hacks: Anytime a major hack makes headlines, it’s not just industry and government executives who take notice. Bad actors are paying attention too. The Sunburst attack, for instance, used highly sophisticated malware hidden inside legitimate software updates. It was an unusually complex attack, but once a technique is proven to work, copycat attacks follow. For instance, this past summer, Irish IT solution provider Kaseya was hit by a similar technique: its remote-monitoring tool was infiltrated with malware, giving attackers access to multiple end customers. As we look to next year, we can expect a significant rise in criminal copycats using software updates to install malware.
Zero Trust becomes the only way forward: Between copycat attacks and attacks targeting critical infrastructure, it’s obvious organizations must adapt their cybersecurity postures. IT leaders may embrace a standard of 100% prevention, which will be achieved through zero-trust principles and technologies like content disarm and reconstruction (CDR). CDR intercepts documents at the network boundary, re-creates the content from scratch, eliminates any corrupted elements, and delivers the documents clean and safe to the intended recipient. Moving forward, cyber teams must assume everything is corrupted, sanitize it all, and ensure least-privilege access. This is radical thinking, but existential threats like ransomware demand a fresh approach.
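The CDR idea described above, reduced to a minimal added example that is not from the original article or from any vendor's product: the untrusted input is parsed, and a new document is written using only allowlisted elements. HTML as the document format, the allowlists, and all function and class names are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Positive selection: only these elements are ever written to the new document.
ALLOWED_TAGS = {"h1", "h2", "p", "b", "i", "em", "strong", "ul", "ol", "li", "a"}
# Elements whose entire subtree is discarded, text included.
DROPPED_SUBTREES = {"script", "style", "iframe", "object"}

def safe_href(value):
    # Only absolute http(s) links survive; everything else is dropped.
    return value if (value or "").lower().startswith(("http://", "https://")) else None

class Rebuilder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open_tags, self.skip = [], [], 0
    def handle_starttag(self, tag, attrs):
        if tag in DROPPED_SUBTREES:
            self.skip += 1
        elif not self.skip and tag in ALLOWED_TAGS:
            # Attributes are never copied; href is re-created after validation.
            href = safe_href(dict(attrs).get("href")) if tag == "a" else None
            attr = f' href="{escape(href, quote=True)}"' if href else ""
            self.out.append(f"<{tag}{attr}>")
            self.open_tags.append(tag)
    def handle_endtag(self, tag):
        if tag in DROPPED_SUBTREES:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in self.open_tags:
            closed = None
            while closed != tag:  # close inner tags first to stay well-formed
                closed = self.open_tags.pop()
                self.out.append(f"</{closed}>")
    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))  # text is re-encoded, never passed through

def disarm_and_reconstruct(untrusted_html):
    builder = Rebuilder()
    builder.feed(untrusted_html)
    builder.close()
    tail = "".join(f"</{t}>" for t in reversed(builder.open_tags))
    return "".join(builder.out) + tail

# Constructed sample input, not taken from any real document.
SAMPLE = ('<h1 onclick="track()">Q3 report</h1><script>alert(1)</script>'
          '<p>Revenue &amp; costs <a href="javascript:alert(1)">details</a> '
          '<a href="https://example.org/q3">source</a></p><img src=x onerror=alert(1)>')
print(disarm_and_reconstruct(SAMPLE))
```

Nothing from the input is copied through byte for byte: active content, unknown elements and all original attributes are absent from the output because the rebuilder never writes them, not because a filter recognized them as bad.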
If we’ve learned anything from the cybersecurity events of 2021, it’s that the government must adapt its posture to address vulnerabilities. With the looming threat of military-sponsored cyberattacks, copycat attempts and newly developed attack methods, we must leverage these predictions to strengthen our perimeters to withstand evolving threats.
Visit our website to learn more about how Forcepoint can support your organization’s cybersecurity needs.