Intelligent CISO Issue 45 - Page 27

editor ’ s question




021 was a year

2 of widespread uncertainty across the globe , especially for those in the cybersecurity space as cybercriminals ramped up their attack methods , particularly targeting the healthcare sector .

CISOs , among many others , are hoping that 2022 will bring a year of certainty and growth and are predicting what the next 12 months will have in store .
To give some idea , The National Cyber Security Centre ( NCSC ), a part of GCHQ , has released its National Cyber Strategy 2022 , which sets out how the government will protect the UK from cyber threats and promote UK interests in a rapidly evolving online world .
Focusing specifically on logistics , finance , space and supply chain , Derek Manky , Chief Security Insights & Global Threat Alliances , FortiGuard Labs , believes we will see attacks spanning further outside of the extended network , even into space , as attackers take advantage of a fragmented perimeter , siloed teams and tools as well as a greatly expanded attack surface .
“ These threats will leave overwhelmed IT teams scrambling to cover every possible avenue of attack ,” said Manky . “ To combat these evolving threats , organisations need to adopt a Security Fabric platform founded on a cybersecurity mesh architecture .
“ Hijacking wire transfers has become increasingly difficult for cybercriminals as financial institutions encrypt transactions and require Multi-Factor Authentication ( MFA ),” he continued . “ Digital wallets , on the other hand , can sometimes be less secure . While individual wallets may not have as big a payoff , this could change in 2022 as businesses begin to increasingly rely on digital wallets as currency for online transactions .”
Manky predicts that we can also expect to see new Proof-of-Concept ( POC ) threats targeting satellite networks over the next year as satellite-based Internet access continues to grow . “ The biggest targets will be organisations that rely on satellite-based connectivity to support low-latency activities , like online gaming or delivering critical services to remote locations , as well as remote field offices , pipelines , or cruises and airlines . This will also expand the potential attack surface as organisations add satellite networks to connect previously off-grid systems , such as remote OT devices , to their interconnected networks . In many networks , Linux runs the backend computing systems , and until recently , it has not been a primary target of the cybercriminal community , but we anticipate this to pick up in 2022 .
“ In the supply chain industry , new malicious binaries have been detected targeting Microsoft ’ s WSL ( Windows Subsystem for Linux ), which is a compatibility layer for running Linux binary executables natively on Windows 10 , Windows 11 and Windows Server 2019 . In addition , botnet malware is already being written for Linux platforms . This further expands the attack surface into the core of the network and increases the threats that need to be defended in general . This has ramifications for Operational Technology ( OT ) devices and supply chains in general that run on Linux platforms ,” said Manky .
Manky suggests that defenders plan ahead now by leveraging the power of AI and Machine Learning ( ML ) to speed threat prevention , detection and response . www . intelligentciso . com