Some key cybersecurity developments and trends to focus attention on in 2022.
In December 2021, CybersecAsia spoke to many industry leaders about the cyberthreat landscape in 2021 and their cybersecurity predictions for 2022.
Many of these perspectives have been shared in the last 3 months, in various forms:
Here, we feature an interview from December on the same topic – but with unique insights into ransomware, regional government cybersecurity strategy, zero trust, and more – with Mark Lukie, Systems Engineer Manager, APAC, Barracuda:
What have been the most significant cyber-threats to organizations in Asia Pacific in 2021?
Lukie: Ransomware has dominated the headlines in 2021 and will continue to do so in 2022 – because it’s the most lucrative way for cyber criminals to make money right now.
New ransomware models are now the top emerging risk factor facing organizations, according to Gartner. Year on year, in 2021 we saw a 64% increase in ransomware attacks. 11% of known incidents occurred in Asia-Pacific.
More cyber gangs like REvil and DarkSide are springing up, offering crime for hire – or tech support for a percentage of the ransom. In 2021, 27% of attacks came from ransomware-as-a-service providers.
Figuring out how to slow that down by encouraging collaboration between governments and developing alliances with vendors will be critical in the year ahead.
What are some recent key initiatives among governments, cybersecurity industry, or end-user organizations in the region worth noting?
Lukie: We’re starting to see governments taking cybersecurity very seriously and collaborating at the nation-state level. So seriously in fact, that the US now gives ransomware attacks similar priority to acts of terrorism.
Australia is among the more proactive countries in Asia Pacific, having pledged AU$1.67 billion (US$1.2 billion) towards its Cyber Security Strategy. With measures including stronger legislation, helping businesses educate their employees, and providing financial support for victims, the Australian government most recently unveiled its Ransomware Action Plan.
Singapore has also updated its National Cybersecurity Strategy and continues to foster ties in Southeast Asia with its ASEAN-Singapore Cybersecurity Centre of Excellence. And companies looking to list on the Hong Kong stock exchange will be subject to more stringent cybersecurity reviews if they handle data that concerns national security.
The growing focus on privacy laws and cost of a data breach drive the priority for companies to invest in security and risk management. They need to sharpen their cybersecurity protection and solutions to meet the stricter compliance requirements.
As we approach 2022, how do you foresee the cyber-threat landscape evolving, and what would be some major threats and risks organizations should expect?
Lukie: Unfortunately we’re still in the post-breach era where attackers are ahead of their targets since they have their hands on stolen data, including credentials. Attackers continue to exploit human error to infiltrate endpoints and move laterally that can expose organizations to cyber risk in more ways. These attacks range from extortion on valuable data to penetrating the software supply chain. It has gone beyond disrupting business operations and goes as far as revealing information to discredit a corporation and destroy the trust chain.
Critical infrastructure will continue to face significant security challenges in 2022. This includes everything from energy and financial services to education and healthcare. For example, there have been numerous stories about how ransomware attacks on hospitals affect patient treatment and even lead to deaths. Attacks on critical infrastructure have the most direct impact on people’s lives, so security will be a challenge as cybercriminals continue to focus on these vulnerable areas.
How should we be preparing for these possibilities in 2022 and beyond?
Lukie: In 2022, we need to continue to work together as a global alliance to make sure we slow down the movement of these assets. If we can effectively slow down the wealth movement, it will make a difference.
There needs to be a renewed focus on governments prioritizing cybersecurity initiatives, building alliances with vendors, and sharing data with other countries. This level of collaboration will help improve security for everyone.
It’s important that everyone stays up to date with evolving threat trends like ransomware and that businesses learn how to pre-empt attacks and proactively protect their employees and themselves. By consistently training users for email security awareness and implementing anti-phishing capabilities, companies can minimize the risk of credential loss.
Besides using MFA, it is important to protect all SaaS applications and infrastructure access points. It’s best to implement Zero Trust Access based on endpoint security postures. In addition, a secure data protection plan enables businesses to identify critical data and implement disaster and recovery capabilities.
However, we’re expecting some better news about cyber-defenses in 2022, particularly against ransomware. This is because we are starting to see more collaboration at law enforcement and national levels, which disrupts payments. If cyber-gangs launch a ransomware attack and are unable to collect — even if there is the willingness to pay or negotiate — it generates enough fear and uncertainty to make them less likely to attack.