Monsters Lurking: Anjuna's 2022 Cybersecurity Threat Watch List

Published on
Jan 24, 2022
In Anjuna's first annual cybersecurity watch list, we discuss five cyber threats organizations could face in 2022 and beyond.

One thing we’ve learned from the last few years is that the potential perils from cyber attacks are coming more frequently and in new and different guises.

We’ve already experienced the SolarWinds supply chain breach, ransomware attacks on platforms like Kronos, the exploitation of a zero-day vulnerability in the Log4j Java library, and data breaches in the hundreds of millions of Android and Facebook users—and that’s not even a full list.

What could possibly be next? No one knows for sure, but here are five potential issues we’re concerned might occur in 2022 and beyond:

Compromised National Security

If secret intelligence algorithms fall into the hands of cyber attackers, this would cause a major compromise of national security. Attackers would be able to access hosts and steal algorithms while they are executing at federal data centers or on the cloud. The federal government is taking these threats seriously. On Jan. 19th, the White House issued a memorandum focusing on deploying much greater efforts to identify, deter, protect against, detect, and respond to malicious cyber campaigns to protect key federal assets—including national security algorithms.

Insiders Become Extortionists

The Unbiquti hack is an example of the kind of major data leak that could be caused by insider extortion. Nation-states and well-funded cyber-crime syndicates could coerce employees or strategically place privileged insiders in the right positions to gain machine and data access. Isolating data from operations now will be vital to protect data, and, even more importantly, to protect employees. 

The Healthcare System Suffers a Critical Infection

Lives are at stake when attackers bring down the IT systems at a major healthcare facility. This has already happened with ransomware attacks on hospitals. Emboldened attackers that have successfully exposed data from these organizations will get bolder, smarter, and more dangerous. This, in turn ,will not just endanger the institution, but might even result in patients killed, as the attackers do whatever they think is necessary to extract the funds they seek.

Attacks Get Personal

Attacks on individuals will likely dramatically increase in 2022. These attacks will no longer be focused on just institutions, but will target individual people—from prominent politicians and celebrities to low-level employees. Attackers will target anyone at any level who might have access to valuable data. The use of AI will enable these attacks at scale. Advanced security will therefore no longer just be the responsibility of the company, but of the individual as well. Astute leaders will realize they need to help employees protect their personal digital assets, which will, in turn, protect their institutions.

Infrastructure Crashes

An attack that compromises a water or sewer system will leave thousands of people with no running water for weeks or months. Elsewhere, attackers could shut down a power grid, causing chaos. Most towns, cities, and states are soft targets that haven’t put in place the sophisticated defenses of larger or wealthier institutions. Since they can’t fight off millions of automated attacks, their only hope is to protect IT systems by default. Unfortunately, many of these groups will not take these simple proactive measures until the damage has already been done.

Are your teams aware of these potential threats? Are you taking steps to ensure you and your organization are protected? What other threats are on your radar screen? We’d love to hear your thoughts.

More like this
Get Started Free with Anjuna Seaglass

Try free for 30 days on AWS, Azure or Google Cloud, and experience the power of intrinsic cloud security.

Start Free