Freely subscribe to our NEWSLETTER

Attackers will increasingly target identity systems

As the recent Facebook outage showed, when core identity providers go down, those applications that depend on them for user authentication are affected too. The more users rely on shared infrastructure, the more impactful outages will be. This makes large identity providers a perfect target for hackers. For the fast-growing number of businesses around the world that depend on the Microsoft Azure cloud, Azure AD acts as a major identity provider, authenticating countless users every minute. Hackers compromising Azure AD could therefore take out several apps at once and do damage on a large scale.

Zero trust will become the default in many organisations

With hybrid workspaces here to stay, organisations need to ensure safe identity management in the cloud. More businesses will adopt zero-trust authentication and access models as the necessity for the protection of cloud identities increases.

Sophisticated ransomware attacks will come from unsophisticated attackers
Sophisticated ransomware attacks are no longer the preserve of nation states. In 2022, anybody can access the tools to carry them out. Ransomware-as-a-service is another way that unskilled actors are getting the job done—by contracting out to groups like LockBit 2.0 to do the dirty work. As attackers seek to make maximum profit, campaigns that steal and threaten to reveal information gain popularity. Once data has been extorted, attackers may then come back asking for regular payments.

The ransomware crisis will reach fever pitch before governments take significant action – fuelled by the fact that there is no shortage in vulnerable systems that can be attacked. What’s worse, any remaining morality filter has been removed. Attackers no longer care about the physical impact they cause, for example by attacking critical infrastructure and hospitals where lives could be at risk. As a result, critical everyday services could become unavailable, prices could go up and we could find ransomware affecting our daily lives.

A rise in intellectual property theft

Large companies will have a hard time protecting their intellectual property against digital espionage. Businesses are having to manage increasingly complex IT systems with the same or fewer staff, and are finding it difficult to fill highly skilled security positions. Cybercriminals will continue to find easy ways into an organisation by attacking a smaller or newer company higher up the supply chain that hasn’t got strong cyber defences in place, so there is no doubt that we will see more supply chain attacks in the new year. We may see bad actors deploying artificial intelligence as they have the money and resources to do so.

Guido Grillenmeier bio:

Guido Grillenmeier | Chief Technologist, Semperis
Guido Grillenmeier is Chief Technologist with Semperis. Based in Germany, Guido has been a Microsoft MVP for Directory Services for 12 years. He spent 20+ years at HP/HPE as Chief Engineer. A frequent presenter at technology conferences and contributor to technical journals, Guido is the co-author of Microsoft Windows Security Fundamentals. He’s helped various customers secure their Active Directory environments, and supported their transition to Windows 10/m365 and Azure cloud services.