McAfee Enterprise & FireEye predictions for 2022

McAfee Enterprise and FireEye released their 2022 Threat Predictions, examining the top cybersecurity threats they predict enterprises will face in 2022. Bad actors have taken note of successful tactics from 2021, including those making headlines tied to ransomware, nation states, social media, and the shifting reliance on a remote workforce. We expect them to pivot those into next year’s campaigns and grow in sophistication, wielding the potential to wreak more havoc across the globe. Skilled engineers and security architects from the recently combined entity offer a preview of how the threat landscape might look in 2022 and how these new or evolving threats could potentially impact enterprises, countries, and civilians.

“Over this past year, we have seen cybercriminals get smarter and quicker at retooling their tactics to follow new bad actor schemes – from ransomware to nation states – and we don’t anticipate that changing in 2022,” said Raj Samani, fellow and chief scientist of the combined company. “With the evolving threat landscape and continued impact of the global pandemic, it is crucial that enterprises stay aware of the cybersecurity trends so that they can be proactive and actionable in protecting their information.”

McAfee Enterprise & FireEye 2022 Predictions

  1. Using social media to mark targets: Nation states will weaponize social media to target more enterprise professionals, looking to infiltrate organizations for their own criminal gain. While this approach is not new, it is relatively uncommon. After all, it demands a level of research to “hook” the target into interactions, and establishing fake profiles is more work. But targeting of individuals has proven to be a very successful channel, and we predict the use of this vector could grow not only through espionage groups, but also other threat actors.
  2. Nation states turn to hackers for hire: Nation states will increase their offensive operations by leveraging cybercriminals. With the predicted increase in blurring between cybercrime and nation-state actors in 2022, companies should audit their visibility and learn from operations conducted by actors targeting their sectors.
  3. A power shift among ransomware threat actors: Self-reliant cybercrime groups will increase and shift the balance of power within the Ransomware-as-a-Service (RaaS) eco-kingdom from those who control the ransomware to those who control the victim’s networks. Ransomware has generated billions of dollars in recent years, and it’s only a matter of time before some individuals who believe they aren’t getting their fair share become unhappy.
  4. The growth of smaller affiliates: For a long time, RaaS admins and developers were prioritized as the top targets, while the affiliates were often neglected since they were perceived as less skilled. This, combined with the lack of disruptions in the RaaS ecosystem, created an atmosphere where those lesser-skilled affiliates could thrive and grow into very competent cybercriminals, eventually with a mind of their own.
  5. Keep a close eye on API: 5G and IoT traffic between API services and apps will make them increasingly lucrative targets, causing unwanted exposure of information. The connected nature of APIs potentially also introduces additional risks to businesses as they become an entry vector for wider supply chain attacks. In most cases, attacks targeting APIs go undetected because APIs are generally considered trusted paths and lack the same level of governance and security controls.
  6. Hijackers will target your application containers: Expanded exploitation of containers and vulnerable applications will lead to endpoint resource hijacking, such as through crypto-mining malware, spinning up other resources, data theft, attacker persistence, and container escape to host systems.
  7. Zero cares about zero-days: The time to repurpose vulnerabilities into working exploits will be measured in hours and there’s nothing you can do about it… except patch.
