Tanium comments on cybersecurity learnings that can be taken from 2022
November 2022 by Chris Vaughan, Area VP and Technical Account Manager EMEA at Tanium
In 2022 we’ve seen that geo-politics continues to have a big impact on the threat landscape. This has influenced the tactics adopted by attackers and I’ve observed several new trends that I expect to carry over well into 2023.
One is cybercriminals using the power of quantum computing when targeting encrypted data. Many nations and attackers believe that quantum is the future of cyber power, which has started a race to develop the strongest capabilities in this area. However, it comes with a big risk, as the technology has the potential to cause huge disruption and damage if it falls into the wrong hands. Western governments and companies hold some of the most cutting-edge research in this area, and it needs to be protected. The cybersecurity sector should be keeping a close eye on this because whilst overall adoption of the technology is still relatively low, it’s increasing steadily.
Another area of interest in 2022 has been the commercial availability of cyber capabilities. Malicious cyber tools are increasingly available for purchase online, which is leading to a greater number of attacks that are also less predictable. This includes vulnerabilities and exploits as well as hackers for hire, dramatically lowering the barrier to entry for anyone interested in launching a cyber-attack. Ransomware as a Service (RaaS) is an example of how less sophisticated cybercriminals are becoming able to extort organisations with advanced tools. This will continue to be a huge problem, especially for the private sector, in 2023.
Another emerging trend this year has been the use of less sophisticated methods such as Multi-Factor Authentication (MFA) Push Exhaustion attacks. This is where an attacker sends a large number of MFA acceptance prompts to a user’s phone which may cause them to click accept in order to stop the barrage of requests. This has been largely successful in gaining access to user data and accessing IT environments, but other unsophisticated methods have been less so. An example of this has been Remote Desktop Protocol (RDP) attacks. I believe this is because organisations have got used to facing these threats and are defending themselves better than before. Therefore, I expect the number of RDP attacks to decrease next year. Unfortunately, phishing will continue to be used widely because it’s a simple method that often provides actors with an entry point into several of their targets.
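The MFA push exhaustion pattern described above leaves a recognisable trace in authentication logs: many unapproved prompts for one user in a short time, followed by an approval. The following detection sketch is an added example, not part of the original commentary; the log format, the 10-minute window and the threshold of 5 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 5                   # assumed number of unapproved prompts that counts as a barrage

# Constructed sample events in a hypothetical "timestamp user result" format.
SAMPLE_LOG = """\
2022-11-01T08:15:00 bob denied
2022-11-01T09:00:00 alice timeout
2022-11-01T09:00:40 alice denied
2022-11-01T09:01:10 alice timeout
2022-11-01T09:01:50 alice denied
2022-11-01T09:02:20 alice timeout
2022-11-01T09:02:45 alice denied
2022-11-01T09:03:05 alice approved
2022-11-01T09:30:00 bob approved
2022-11-01T10:00:00 carol timeout
2022-11-01T10:00:30 carol timeout
2022-11-01T10:01:00 carol approved
"""

def parse(line):
    ts, user, result = line.split()
    return datetime.fromisoformat(ts), user, result

def detect_push_exhaustion(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return alerts as (user, kind, time, unapproved_prompts_in_window)."""
    recent = defaultdict(deque)  # user -> times of unapproved prompts inside the window
    bursting = set()             # users already alerted for the current barrage
    alerts = []
    for ts, user, result in sorted(parse(l) for l in log_text.splitlines() if l.strip()):
        q = recent[user]
        while q and ts - q[0] > window:   # drop prompts that aged out of the window
            q.popleft()
        if len(q) < threshold:
            bursting.discard(user)
        if result in ("denied", "timeout"):
            q.append(ts)
            if len(q) >= threshold and user not in bursting:
                bursting.add(user)        # alert once per barrage, not per prompt
                alerts.append((user, "prompt_burst", ts, len(q)))
        elif result == "approved":
            if len(q) >= threshold:       # approval right after a barrage: highest priority
                alerts.append((user, "approved_after_burst", ts, len(q)))
            q.clear()
            bursting.discard(user)
    return alerts
```

An `approved_after_burst` alert is the case to escalate first, since it indicates the user may have accepted a prompt they did not initiate; a lone denial or a couple of timeouts before a normal approval (bob and carol in the sample) produces no alert.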