Threat actors are continually looking for better ways to target organizations, here are the top five attack vectors to look out for in 2022.
Malicious actors are continually looking for better ways to carry out successful cyber attacks. Whether motivated by a potential payday or the ability to access confidential information, cybercriminals have plenty of incentive to focus on what works best in achieving their goals. This article focuses on the top five attack vectors organizations should look out for and defend against in 2022.
Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to. These emails persuade employees to reveal passwords for important applications or download malicious files to their devices.
Some threat actors carry out phishing attacks using social media and networking platforms, such as Twitter or LinkedIn. Phishing scams remain such a widely used attack vector because of their efficiency. The potential rewards for very little effort make phishing scams highly attractive attack vectors requiring minimal technical knowledge.
Some phishing scams target particular individuals because of their close proximity to sensitive information or because those individuals are likely to have administrative access to network resources. Some phishing scams are so convincing that they can fool even seasoned security professionals. A solid defense against phishing requires a dual approach of employee awareness and an anti-phishing email filtering solution.
2. Stolen Credentials
Stolen credentials continue to cause problems for businesses of all sizes. A 2021 report on data breaches found that stolen credentials were the initial attack vector used in 61 percent of breaches. Using stolen passwords is an easy way to masquerade as a genuine user and access sensitive information or infiltrate deeper into your network.
It’s straightforward for threat actors to purchase bulk lists of stolen username-password credentials on the dark web. Other attack vectors such as phishing emails can be used to trick employees into disclosing their passwords, which cybercriminals then use to access your network.
The problems posed by stolen credentials stem from a perfect storm of poor password hygiene and weak identity and access management controls. Employees regularly reuse their passwords across multiple applications and services, which means that a single stolen password could provide an easy entry route into your network. Many organizations provide excessive access privileges to users, which worsens the impact of a credential compromise by giving hackers access to administrative functions or critical systems.
3. API Exploits
Organizations can create new opportunities for growth through the use of APIs, which integrate their applications and service with other resources in the wider digital ecosystem. APIs facilitate communication between different apps and services. The use of APIs has become so widespread that many technologists say we’re living in an API economy.
Ever on the lookout for new opportunities to get their hands on sensitive data, many threat actors realize that the proliferation of APIs may work to their advantage. Traditional security tactics cannot detect API attacks, so many organizations remain open to a breach or data exfiltration via APIs. This API security checklist provides best practices and considerations for closing off your APIs as an attack vector.
4. Remote Technology
The speed at which cyber attacks exploiting remote technology increased during the Covid-19 pandemic serves as a telling example of how threat actors dynamically adapt the attack vectors they use in response to changing conditions. A 2020 report found that 20 percent of organizations experienced a security breach due to remote work.
The technologies used by organizations to facilitate remote work include virtual private network (VPN) connections and remote desktop protocol (RDP). These technologies let employees access business applications and resources from outside the physical location of their place of work.
While the use of remote technology will likely reduce over time compared to at the height of the pandemic, it’s clear that remote work is here to stay in some capacity. Opportunistic threat actors know that with remote work not going away, there will be chances to gain entry to corporate networks by exploiting RDP and VPN connections.
An actionable way to defend against remote access threats is to require multi factor authentication (MFA) for these connections. MFA requires users to provide another category of evidence that verifies their identity in addition to the standard username-password combination they use to log in. These distinct pieces of evidence can include a one-time password or a fingerprint scan.
5. IoT Devices
IoT devices include wearable devices, coffee makers, sensors, and cameras, all of which connect to the Internet. Many organizations don’t have visibility into all of their IoT devices. Furthermore, it’s common for IoT devices to use default credentials that hackers can easily guess.
IoT devices are veritable storehouses of data about the environment they are in and the people that use them. A cyber attack on an IoT device could also be the initial entry point from which a hacker accesses your wider network and installs ransomware that locks down key systems.
Organizations need a serious approach to secure their IoT infrastructures, including:
- Full device visibility
- Changing default usernames and passwords
- Using strong passwords
- Segmenting the network so that an IoT compromise can’t spread to key IT systems and assets
- Update IoT devices on time
As we come into 2022, get your organization ready to combat these top five cyber attack vectors. Each of them calls for its own defense strategy to limit the chances of malicious threat actors successfully leveraging them to access or disrupt your valuable data and services.
About the Author: Ronan Mahony is a freelance content writer mostly focused on cybersecurity topics. He likes breaking down complex ideas and solutions into engaging blog posts and articles. He’s comfortable writing about other areas of B2B technology, including machine learning and data analytics. He graduated from University College Dublin in 2013 with a degree in actuarial science, however, he followed his passion for writing and became a freelance writer in 2016. He currently also works with Bora. In his spare time, Ronan enjoys hiking, solo travel, and cooking Thai food.
(SecurityAffairs – hacking, attack vectors)