Supply chain and nation-state attacks will highlight 2022, says vendor

Supply chain attacks and nation-state cyber warfare will continue to cause anguish for CISOs in 2022, says Check Point Software in its annual predictions blog.

Supply chain attacks will become more common, the security company said, which will lead to governments beginning to establish regulations to address these attacks and protect networks. They will also look into collaborating with the private sector as well as with other countries to identify and target more threat groups operating on a global and regional scale.

Check Point also expects to discover more about the global impact of the Sunburst attack on SolarWinds Orion network monitoring suite.  “As investigations are still ongoing, security researchers will unveil some of the biggest questions regarding the attack: What were the attackers doing these networks, and how did they benefit from the massive attack?”

“Supply chain attackers take advantage of a lack of monitoring within an organization’s environment,” the blog warns. “The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred, such as Codecov in April, and most recently, Kaseya.  Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware.  The group demanded a ransom of $70 million to provide decryption keys for all affected customers.

Among other predictions:

The cyber ‘cold war’ intensifies: The cyber cold war is intensifying, and taking place online as more nation-state actors push western governments and continue to destabilize society. Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated, widespread attacks. Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally;

Attackers leverage vulnerabilities in microservices to launch large scale attacks: The move to the cloud and DevOps will result in a new form of botnet. With microservices becoming the leading method for application development,…