Most Worrisome Threats
CF: In terms of the threat landscape, what’s most worrisome in 2022?
SB: Ransomware continues to evolve. The business model, in addition to the threat, continues to evolve. It is so effective and lucrative for these attackers that they’re pulling in other cyberthreats, things like initial access broker, where somebody will get access to a corporate network and then they’ll sell access to these ransomware attackers. But in addition to the initial access brokers, you have loaders and droppers, and they create one massive, interconnected ransomware delivery system. And it’s becoming a lot more modular as well as a lot more uniform. These adversaries are offering different elements of attack as a service, and provide playbooks with tools and techniques that enable different criminal groups to implement very similar attacks. You get into extortion threats such as the release of data and other pressure tactics. We’re going to see that increasingly form part of the overall ransomware threat.
We also see an evolution of the attack tools and the targets. We talk about Cobalt Strike — that was part of the the DarkSide affiliate with the Colonial Pipeline. And we’re seeing a lot of additional hands-on-keyboard cyber attackers. And then you get into the evolution of a lot of the existing mobile threats. There’s an evolution of mobile threats and social engineering scams that are expected to continue and diversify to target both individuals as well as organizations.
There’s the evolution of cryptocurrency-related crime, the illicit use of cryptocurrency both to evade sanctions and to obfuscate involvement in criminal activities. And then the evolution of artificial intelligence (AI) and cybersecurity and threats. The application of AI to cybersecurity will continue to accelerate as a lot of these powerful machine learning (ML) models prove their worth in threat detection and alert prioritization. So security practitioners absolutely will need to keep pace with a lot of the AI innovations and find more defensive applications of new AI ideas and technologies.
