Vectra AI released its industry predictions for 2022, highlighting the changing tactics among ransomware gangs, and the fact that multifactor authentication is no longer enough to thwart threat actors.
“We have entered an era in which our IT stacks are split across so many environments that internal teams struggle to visualize areas of risk,” said Willem Hendrickx, SVP International, Vectra AI. “In 2022, organisations need to recognise that their change in circumstances demands a rethink of their attack posture. And so Vectra has released some key trends that we believe should focus the mindsets of the region’s security stakeholders.”
RansomOps will target more cloud customers When Dr Mohamed al Kuwaiti, Head of Cybersecurity for the UAE government, reported a 250% increase in cyberattacks in the country in 2020, he cited ransomware as one of the most common attacks. Vectra believes ransomware, which is now increasingly thought of as RansomOps, will now pivot its attention to the exfiltration and encryption of cloud data.
“While past campaigns have concentrated on third-party storage and processing providers, 2022 RansomOps raids will lean towards direct targeting of the customer side of the shared-responsibility model,” said Hendrickx.
Governments will target ransomware gangs
In a region where regulatory compliance has become a major concern among growing companies, public authorities such as Dubai Police’s eCrime division and Saudi Arabia’s Bureau of Investigation and Public Prosecution (BIPP) are going to start taking the fight to the threat actors.
Meanwhile government regulators, aware of the complexities introduced to technology stacks by mass cloud migration in 2020, will escalate their formal oversight over private and public sector organisations regarding information security in the wake of ransomware incidents and other attacks.
“As a result of these interventions, we expect to see a relative reduction in ransomware outcomes versus data loss and exfiltration outcomes, as human-operated ransomware is detected and stopped before encryption can begin,” continued Hendrickx.
Demand for MDR services and automation will increase
Vectra foresees a rise in the demand for managed detection and response (MDR), and especially its capacity to automate key security tasks. The company attributes the upcoming surge to the continuing skills gaps in the regional cybersecurity field, coupled with the increase in complexity of technology environments.
The company’s predictions report states that “while managed security services will continue to grow in volume, a non-trivial subset of organisations will meet talent shortfalls with automation, orchestration, and analyst-augmenting AI”.
“Security outsourcing has proved problematic at the best of times, and we do not live in the best of times,” said Hendrickx. “Regional organisations, bound by regulatory obligations from multiple sides — industry, local authorities, and foreign governments — are operating in multi-cloud environments that they are struggling to understand. A third party is ill-equipped to capture requirements comprehensively and SLAs can often fail to protect even the savviest of customers. It may therefore be more prudent to source the tools yourself and start automating to cover the talent gaps.”