Ransomware is on the rise, and attackers are massing in never-before-seen numbers, lining up to find victims.
Could the new year possibly get any worse? According to FortiGuard Labs, the answer is yes. According to its 2022 predictions, upcoming threats will target an expanding attack surface, meaning that 2022 is “shaping up to be a banner year for cybercriminals. … Attacks will continue to span the entire attack surface, leaving IT teams scrambling to cover every possible avenue of attack.”
“Cybercriminals are evolving and becoming more like traditional APT groups; zero-day equipped, destructive, and able to expand their techniques as needed to achieve their goals,” according to Fortinet. “We will see attacks spanning further outside of the extended network, even into space, as attackers take advantage of a fragmented perimeter, siloed teams and tools as well as a greatly expanded attack surface. These threats will leave overwhelmed IT teams scrambling to cover every possible avenue of attack.”
The author of that report is Derek Manky: chief, security insights & global threat alliances, for FortiGuard Labs. He recently visited the Threatpost podcast to discuss what FortiGuard Labs is seeing, be it more Mirai – the No. 1 botnet listed in the company’s threat landscape report (PDF) for the first half of 2021 – to more Linux-based botnets and more.
“We’re going to fully expect to see more of [Mirai],” Manky predicted. “More Linux-based botnets. A lot of these targets, we’re not talking about Windows, but MacOS, we’ve already seen more and more … code written for Linux itself, and that is a majority of the [internet of things, or IoT] space.”
Fortinet is also predicting that attacks will continue to span the network, including an increase in attacks targeting Operational Technology (OT) systems, Manky said. It makes sense, he said, given that “That’s where the bigger dollars are.”
Fortinet’s full report, Predictions for 2022: Tomorrow’s Threats Will Target the Expanding Attack Surface.
Listen to the full podcast below, or download it directly here.
There’s a sea of unstructured data on the internet relating to the latest security threats. REGISTER TODAY to learn key concepts of natural language processing (NLP) and how to use it to navigate the data ocean and add context to cybersecurity threats (without being an expert!). This LIVE, interactive Threatpost Town Hall, sponsored by Rapid 7, will feature security researchers Erick Galinkin of Rapid7 and Izzy Lazerson of IntSights (a Rapid7 company), plus Threatpost journalist and webinar host, Becky Bracken.