Cisco’s cybersecurity professionals share the company’s latest security innovation and insights at the 2022 edition of the Gulf Information Security Expo & Conference (GISEC).
On the occasion of GISEC, Cisco released its predictions on emerging trends, based on research from the company’s threat intelligence group Talos. The report details recent cybersecurity trends, highlighting the most common attacks, biggest targets and 2022 predictions.
Targeted Verticals
Healthcare was the top targeted sector throughout the majority of 2021. The main reason adversaries are continuing to target this industry is due to healthcare providers’ often underfunded cybersecurity budgets and extremely low downtime tolerance, the latter of which has been intensified by the pandemic.
The Evolution of Ransomware
Ransomware dominated the threat landscape in 2021. Cisco Talos researchers observed two trends emerging in ransomware engagements: a proliferation of adversaries, and an increased reliance on commercially available and open-source tools. Throughout 2020 and in the beginning of 2021, Ryuk was the primary ransomware family observed. As the year went on, it began to gradually disappear, similar to several other well-known ransomware types. What followed was a greater variety of actors culminating in the last quarter of the year.
Regarding attack vectors, Cisco Talos found that the adversaries most commonly exploited internet-facing applications and used phishing and business email compromise (BEC) attacks to target end users.
Looking Ahead
For 2022, Cisco Talos is monitoring the situation around Log4J vulnerabilities, supply chain and third-party risks, the potential revival of Emotet, and the environment around ransomware.
Log4J vulnerabilities have caused widespread concern among customers and the security community at large, and we could easily see an increase in related incidents in 2022. As many researchers have pointed out, this incident has far-reaching implications based on Log4J’s wide use within enterprises, and the difficulty some organizations might have in finding and patching everything that is vulnerable.
The past year was an indicator of things to come in terms of supply chain and third-party risk. When adversaries target a large Managed Service Provider (MSP) or open-source software incorporated into countless enterprise products, they greatly expand the potential pool of victims. It is expected that supply chain and third-party risk will continue to pose significant threat to enterprise security, as numerous actors such as ransomware groups leverage these attacks to pivot to high-value targets.
Commenting on the findings, Fady Younes, Cybersecurity Director, Middle East and Africa, Cisco said, “2021 presented different verticals with a number of new challenges, as organizations navigated the complex threat landscape in an increasingly digital world. This year, decision-makers must ensure to implement advanced ransomware protection and secure network analytics. It is essential that IT leaders invest in technologies that integrate detection, prevention, and response capabilities in a single solution for increased visibility and enhanced actionable insights to improve security. At GISEC, Cisco demonstrates its latest innovations, including software solutions for safer, more secure and more efficient operations.”
Visitors to the stand can see demonstrations of various Cisco Security technologies, including Secure Access Service Edge (SASE), Cisco XDR Solution and Cisco Zero Trust Security. These solutions help organizations accelerate the cloud journey, simplify security operations and allow for a more secure workforce.