What are the Security Challenges and are There Ways to Meet Them?

In 2022, security challenges are unlikely to slow down. This is unfortunate news, especially as the attack surface continues to expand. For organisations struggling to integrate and manage a collection of single-purpose products, the resulting complexity and lack of visibility is likely to leave these organizations at risk. They must work to resolve these security gaps as quickly as possible – but they need to know where to focus.

Minimising security challenges will require them to start preparing for emerging cyberthreats today. And while no one can predict the future, here are four up-and-coming security challenges we're keeping an eye on at FortiGuard Labs.

Linux Attacks

Up until recently, Linux has been largely ignored by cybercriminals, but that's changing. Because Linux runs the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications, it's becoming a more popular target for attackers. At this point, attacks against Linux operating systems and applications running on those systems are as prevalent as attacks on Windows operating systems. The recent Log4J vulnerability is also a good example of a recent attack where we are seeing Linux binaries capitalize on the opportunity.

Satellite Network Attacks

As connectivity using satellite internet increases, the likelihood of new exploits targeting these networks will increase correspondingly. The biggest targets will be organizations that rely on satellite-based connectivity to support low-latency activities, like online gaming or delivering critical services to remote locations, as well as remote field offices, pipelines, or cruises and airlines. This will also expand the potential attack surface as organisations add satellite networks to connect previously off-grid systems, such as remote OT devices, to their interconnected networks.

Ransom Attacks on OT Systems

Ransomware attacks are increasingly targeting critical infrastructure and the phrase “killware” has been used to describe some of these incidents. Although the attacks don't necessarily target human lives directly, the term is used because the malware that disrupts hospitals, pipelines, water treatment plants, and other critical infrastructure is different from regular exploits because of the direct impact they can have on people. Cybercriminals may be moving away from smaller targets toward larger more public attacks that affect the physical world, including supply chains and a large number of human victims.

Attacks on the Edge

The increase in the number of people working remotely has exposed corporate networks to many of the threats to residential networks. The increase in network edges means there are more places for "living off the land"-type threats to hide. With this technique, attackers use malware made from existing tool sets and capabilities within compromised environments so their attacks and data exfiltration look like normal system activity.

Organisations Must Protect Against Threats New and Old

To prepare for 2022, organisations should certainly make it a priority to harden both Linux and Windows-based systems. And when adopting new technology, organisations should always take a security-first approach; in other words, before adding new connections such as satellite-based connectivity, make sure it's protected.

But you must also keep in mind the fact that cybercriminals will continue using tactics as long as they keep working. Along with preparing for new threats, you can't forget about what's already out there. Defending against both new and existing threats requires an integrated approach to security. To fight today's evolving threats, organizations should look into a security platform based on a cybersecurity mesh architecture with security solutions that are designed to work together.

--By Michael Joseph, Director System Engineering, India & SAARC, Fortinet