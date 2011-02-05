Another SolarWinds Attack on the Horizon?

December 2021 by Michael Davis, Chief Architect at Open Systems

One year after the massive cybersecurity attack on SolarWinds, the cybercriminal group responsible for the act is still at it with reports that they are now targeting cloud providers.

Although egregious, this is not necessarily surprising to Michael Davis, Chief Architect at Open Systems, as one of his predictions for the upcoming year is:

There will be further SolarWinds-style attacks in 2022 as bad actors target IT resellers and technology service providers as a way to access the IT systems of their downstream customers. The primary methods the bad actors will employ include stealing login credentials through simple – but effective – tactics like password spraying and phishing, and adding malicious code to the resellers and service providers’ software to create backdoors that provide access to downstream customers’ systems.

Other predictions for 2022 include:

Attackers embrace AI to evade detection. AI and ML took the security market by storm in the past 5 years. 2022 will see models within security software further attacked using adversarial techniques and those outputs put to use in malware that rewrites itself to evade.

Traditional Security vendors will start getting into CryptoSecurity. Reviewing code, smart contracts, and more standardization of crypto project security assessments as of 2021 saw some massive “hacks” due to poor logic or flaws in various crypto codebases.

​​To address the burnout of top cyber talent, enterprises will more diligently tackle workload and workplace issues to improve morale and job satisfaction. Many companies may also engage MDR, or other service providers that employ cybersecurity experts, to continuously monitor their environment allowing their in-house teams to turn to more strategic items aimed at reducing the potential attack surface.