IT Brief Australia logo
Technology news for Australia's largest enterprises
Story image

New lows for ransomware attacks, decline in critical infrastructure defences expected in 2022

By Shannon Williams
Fri 7 Jan 2022

New lows for ransomware attacks, an increase in nation state attacks, a decline in critical infrastructure defences, and 2022 becoming the year of the defender are amongst the trends expected to change the cyber landscape this year, according to Nozomi Networks.

Nozomi Networks chief executive Edgard Capdevielle says 2021 was an unprecedented year for OT, IoT and ICS security, with news-making attacks like Colonial Pipeline, JBS, Oldsmar Water and Kaseya and coming to a close with the Log4j vulnerability. 

"As we enter the new year, ransomware and threats to operational technology / industrial control system (OT/ICS) environments remain at an all-time high, as do vulnerability disclosures," he says. 

"For operational networks and critical infrastructure, we've moved from what if scenarios to what well do when. Both the public and private sector are stepping up to strengthen defences and strong cybersecurity is becoming a top priority as OT and ICS systems embrace new technologies to stay ahead of the competition."

Ransomware will shift and threat actors will reach even greater lows.

As the U.S. government cracks down on ransomware gangs, Capdevielle says in 2022 people should expect to see attacks move to Europe and elsewhere as threat actors move to easier targets in countries where there is less threat of government retaliation. 

"While we'll continue to see large, multi-million-dollar ransom bounties, there will likely to be a greater volume of smaller bounties using multiple extortion tactics as threat actors find ways to increase the likelihood of a payout while staying under the public radar," he says. 

"Expect to see breaches of smaller ICS targets, including those in the food industry, as they have smaller budgets for security but face all of the same challenges as larger ICS installations."

While threat actors will continue to evolve their tactics, Capdevielle says victims will also shift responses.

"Governments and private enterprises are likely to take more offensive actions as more organisations fight back. Law enforcement will strengthen its push to recoup bitcoin and increase bounties for information leading to the arrest of cybercriminals," he says.

"On the private side, expect to see more organisations take matters into their own hands, hiring cyber sleuths and white hat hackers to find and take down cyber attackers."

Nation-state attacks will rise.

With global pressures tightening, 2022 will be a record year for nation-state attacks in number and severity. 

Capdevielle says Russia will continue to be a leading actor against the U.S., Ukraine and other nations. 

"Expect Chinese attacks to grow in volume and aggression as hostilities rise over technology bans, financial pressures and diplomatic boycotts of the Winter Olympics," he says.

"And, as tensions rise in the Middle East, the likelihood is high that a Stuxnet-like attack will disable or severely damage the Iran nuclear weapons program."

According to Capdevielle, critical infrastructure defences will mature significantly thanks in part to progress when it comes to public and private cooperative efforts aimed at tightening defences.

"Government guidelines, mandates, and legislation in combination with self-governance at the sector level will help establish and enforce a standard baseline for critical infrastructure cybersecurity," he says.

"Standards and best practices (like ISA and NIST) will get more spotlight. While the needle will move significantly, it still wont be far enough fast enough to match the innovation of our adversaries."

Capdevielle says public/private sectors efforts will begin to shift the landscape in 2022 thanks in part to the significant progress made by Jen Easterly to establish CISA as the central point of collaboration and coordination across the infosec community. 

"Still, it will take a couple of years to see significant improvements in terms of meaningful defences. One sign of this progress will come in the form of new open solutions for information sharing. That includes options that don't compromise private data and make it possible for public and private sectors organisations to collectively strengthen defences."

An evolving Purdue model will embrace Zero Trust.

Capdevielle says un 2021m Zero Trust began to pop up in OT conversations but with no clear definition of what it means or how it will be deployed. 

"In 2022, Zero Trust will become a more strategic discussion in OT cybersecurity as organisations evolve their security frameworks to address a new reality of distributed architectures and IoT," he says. 

"Zero Trust policies will begin to address device restrictions and insecure-by-design PLCs, IoT sensors and controllers. At a minimum, OT cybersecurity vendors will have to address visibility and adherence to Zero Trust policies across all OT and IoT devices. This will transform an evolving Purdue model to a more intentional adoption of Zero Trust."

Hyper convergence and the ever-expanding attack surface.

"With the massive adoption of IoT devices, and as IT and OT borders have blurred, the attack surface is only getting larger. In 2022, 5G will begin to make it possible to connect the previously unconnected and will drive even more devices into the network," Capdevielle says.

"In turn, well see an increased risk to critical infrastructure and ICS. While cloud adoption will not be universal in OT environments, for many, cloud-based cybersecurity solutions will make their way into the mix as CISOs and security professionals look for ways to build and quickly scale cybersecurity enterprise-wide," he says. 

"Expect more organisations to abandon siloed security strategies and adopt hyper-converged solutions that can effectively bridge IT, OT and IoT toward fully addressing cyber-physical risks."

SBOMs and security certifications will become standard fare.

As 2021 ended with the massive Log4J open source vulnerability disclosure and in the wake of monumental SolarWinds and Kaseya software supply chain hacks all during a record year for ICS-CERT vulnerability disclosures, Capdevielle says expect to see the large majority of industrial and critical infrastructure organisations begin to demand greater transparency and higher product security standards and accountability from their software vendors and other third-party providers. Software Bill of Materials (SBOMs) and greater vendor accountability will become standard fare in RFPs and contracts, he says.

The evolving market will reach new heights.

2021 saw hundreds of millions of dollars invested in a few private companies in the OT/ICS space. Capdevielle says 2022 will see continued investment, but it will taper off throughout the year as the top 3 OT industry leaders have separated from the pack. The macroeconomic environment (higher interest rates + inflation) will reinforce this tapering.

"IoT vendors will continue to target OT opportunities but will find OT vendors may have more success in expanding to their IoT turf," he says. 

"We will likely continue to see some technology acquisitions to help larger security vendors round out or augment their portfolios."

2022: The Year of the Defender.

"While there is no doubt that cyber threats will continue to grow and evolve, in 2022 I'm putting my money on the defenders," Capdevielle says.

"Last year we turned an important corner. The threat scenarios we've discussed for years and even ones we hadn't became real," he says.

"At the same time IT and OT organisations have continued to come together and grow stronger. So has their perspective and approach to cybersecurity," Capdevielle says. 

"Today industrial and critical infrastructure cybersecurity is a top priority that in more and more cases is demanding and receiving the resources it needs for success. The private and public sector and even the vendor community are joining forces to help the cause. While building a secure future is a daunting task, based on our experiences with hundreds of customers, partners and peers. around the world, our global defenders are up for the task."

Related stories
Top stories
Story image
Recruitment
Thales on recruitment hunt for next disruptive innovations
"Recruiting new talent is part of Thales's belief in the power of innovation and technological progress to build a safer, greener and more inclusive world."
Story image
Cybersecurity
Palo Alto Networks' cloud security platform receives IRAP assessment
"We provide help protect all forms of compute, cloud native services and access to data within public and private sectors."
Story image
Apple
Jamf introduces new content filtering solution for education providers
Jamf has announced the launch of Jamf Safe Internet, a new offering that looks to deliver a safe online experience to students while offering better management options for admins.
Story image
Infrastructure
Video: 10 Minute IT Jams - An update from Paessler
Sebastian Krüger joins us today to discuss how unified infrastructure monitoring enables MSPs to seamlessly deliver services to their clients.
Story image
Documentation
Adobe study finds lack of digital trust and utilisation in Australian Government agencies
New research commissioned by Adobe has revealed a significant lack of digital trust within Australian Government departments, along with the continued underutilisation of key digital processes.
Story image
Research
New study reveals 51% of employees using unauthorised apps
The research shows that 92% of employees and managers in large enterprises want full control over applications, but they don't have it.
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Artificial Intelligence
Siemens expands NVIDIA partnership for industrial metaverse
Siemens is expanding its partnership with NVIDIA to enable the industrial metaverse and increase the use of AI-driven digital twin technology.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Digital
Ivanti puts spotlight on power of employee digital experiences
The report revealed that 49% of employees are frustrated by the tech and tools their organisation provides and 64% believe this impacts morale.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Online shopping
Consumers want speed, visibility in return for brand loyalty
72% of Australian shoppers want complete online order visibility and 63% are loyal to retailers who deliver goods the fastest.
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
PwC
PwC's Consulting Business and PwC's Indigenous Consulting are proud to play an important role in helping Australian Indigenous Mentoring Experience build IMAGI-NATION, a free online university for marginalised communities around the world.
Link image
Story image
Microsoft
SAS wins Microsoft ISV 2022 Partner of the Year award
"We formed the SAS and Microsoft strategic partnership with a shared goal of making it easier for customers to drive better decisions in the cloud."
Story image
Management
MYOB snaps up Sydney-based management software specialists
MYOB has announced the acquisition of Sydney-based business management software and support specialists, GT Business Solutions.
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Infrastructure
New VMware offerings improve cloud infrastructure management
VMware has unveiled VMware vSphere+ and VMware vSAN+ to help organisations bring benefits of the cloud to existing on-prem infrastructure.
Story image
IDTechEx
The next stage for 5G in thermal materials - IDTechEx
IDTechEx says higher frequency deployments, such as mmWave devices and very different station types such as small cells, present their own technological evolution and, with it, thermal challenges. 
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Dicker Data
EXCLUSIVE: Why women in IT makes good business sense - Dicker Data
The Federal government wants to bolster female participation in the tech industry to at least 40% by 2030. Here's how one homegrown Australian company has already reached that goal.
Story image
Telstra
Ericsson and Ciena, Telstra enhance service capacity for Telstra's optical network
Ericsson, Telstra, and Ciena have announced new enhancements to Telstra's Next Generation Optical Network, which will increase the service capacity of Telstra's optical network to 400 GE (Gigabit per Second Ethernet).
Story image
Macquarie Data Centres
Macquarie deal to pioneer CO2-cutting data centre tech in Australia
Macquarie Data Centres has signed a multi-year deal with ResetData, an Australian first provider using Submer data centre technology. 
Story image
Artificial Intelligence
Accenture shares the benefits of supply chain visibility
It's clear that gaining better visibility into the supply chain will help organisations avoid excess costs, inefficiencies, and complexity to ultimately improve their bottom line.
Story image
Cybersecurity
Without trust, your security team is dead in the water
The rise of cyberattacks has increased the need for sound security that works across any type of business, but with any change, buy-in is essential. Airwallex explains why.
Story image
API
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Metaverse
How the metaverse will change the future of the supply chain
The metaverse is set to significantly change the way we live and work, so what problems can it solve in supply chain management?
Story image
Ransomware
Businesses unprepared to defend against ransomware attacks
Ransomware attacks continue to impact organisations worldwide with high costs, but businesses are still largely unprepared.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
Digital Fingerprint
Decline in counterfeit cherries after digital fingerprinting
Reid Fruits says there’s been a dramatic decline in counterfeit products for its cherries over the past three export seasons to Asia because of digital fingerprinting.
Story image
Cloud
BT builds on Equinix partnership with new cloud offering
BT has launched a next-generation cloud connectivity offering extending its global network into strategic carrier-neutral facilities (CNFs) and building on its existing partnership with Equinix.
Story image
Remote Working
RDP attacks on the rise, Kaspersky experts offer advice
"Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data."
PwC
WSLHD and PwC’s Consulting Business came together to solve through the challenges of COVID-19. A model of care was developed to the NSW Health Agency for Clinical Innovation guidelines with new technology platforms and an entirely new workforce.
Link image
Story image
Identity and Access Management
Ping Identity named a Leader in Access Management
Ping Identity has been named a leader in the 2022 KuppingerCole Leadership Compass report for Access Management. 
Story image
Multi Cloud
Cloud is a tool, not a destination
For many years, “cloud” has been thought of as a destination which has led to a misguided strategy that sees an enterprise trying to shift all its applications to a single cloud provider – regardless of the specific needs and nuances of each individual workload.
Story image
Malware
Colt launches new SASE Gateway solution with Versa
Colt Technology Services’ customers now have access to an integrated full SASE solution that brings together SD WAN and SSE features.
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Airwallex
How Airwallex helps businesses achieve globalisation success
As markets continue to shift, businesses need to be able to provide the same quality of service for customers regardless of where they are located around the world.
Story image
State Library of Victoria
State Library of Victoria entrusts Oracle support and security to Rimini Street
“Our finance team are very happy with the support and security that Rimini Street provides, which keeps our assets and our customers secure."