Red Canary, the Denver-based managed detection and response (MDR) provider performed an analysis of emerging and significant trends that its cybersecurity team encountered over the past year. Its annual 2022 Threat Detection Report covers the most prominent trends of 2021 and shows major themes that may prelude into 2022.
Last year, ransomware groups (Sodinokibi/REvil, BlackMatter, etc) made headlines and then suddenly disappeared only to rebrand under a different name, according to cybersecurity researchers and analyst in the information security community.
Red Canary’s report also notes trends in supply chain compromise, as witnessed in the SolarWinds, Kaseya and Log4j attacks. These types of attacks are not going away anytime soon, says the cybersecurity firm. The exploitation of Kaseya VSA appliance software led to ransomware deployments on thousands of organizations that used the software for remote administration of endpoints.
The “as-a-service” models, such as, “phishing-as-a-service,” “ransomware-as-a-service,” “access-as-service,” are expected to continue. These types of services have led to a proliferation of partnering, making it challenging to identify and anticipate the progression of a compromise.
“It’s never been easier to find an adversary for hire,” says Red Canary, noting an upheaval in highly specialized malicious subscription-based software strategies.
User initiated access activity is also expected to continue, such as malicious emails, attempts to harvest victims’ credentials and breaches by way of a trusted party. Many threat actors will direct victims to download a malicious executable after engaging with content they purposely sought out, as observed on search engine results pages. Red Canary notes it is critical to respond to this type of activity as follow-on threats can include info-stealers and ransomware.
In addition, software vulnerabilities will continue to be problems for IT teams moving forward, the firm says.
Check out the complete list of 12 threat detection trends you should know in the slideshow.
Leave a Reply