Cisco Reveals Top Cybersecurity Trends at GISEC 2022


Cisco’s cybersecurity professionals shared the company’s latest security innovation and insights at the 2022 edition of the Gulf Information Security Expo & Conference (GISEC)

On the occasion of GISEC, Cisco released its predictions on emerging trends, based on research from the company’s threat intelligence group Talos. The report details recent cybersecurity trends, highlighting the most common attacks, biggest targets and 2022 predictions.

Healthcare was the top targeted sector throughout the majority of 2021. The main reason adversaries are continuing to target this industry is due to healthcare providers’ often underfunded cybersecurity budgets and extremely low downtime tolerance, the latter of which has been intensified by the pandemic.

Ransomware dominated the threat landscape in 2021. Cisco Talos researchers observed two trends emerging in ransomware engagements: a proliferation of adversaries, and an increased reliance on commercially available and open-source tools.  Throughout 2020 and in the beginning of 2021, Ryuk was the primary ransomware family observed. As the year went on, it began to gradually disappear, similar to several other well-known ransomware types. What followed was a greater variety of actors culminating in the last quarter of the year.

Regarding attack vectors, Cisco Talos found that the adversaries most commonly exploited internet-facing applications and used phishing and business email compromise (BEC) attacks to target end users.

For 2022, Cisco Talos is monitoring the situation around Log4J vulnerabilities, supply chain and third-party risks, the potential revival of Emotet, and the environment around ransomware.

Log4J vulnerabilities have caused widespread concern among customers and the security community at large, and we could easily see an increase in related incidents in 2022. As many researchers have pointed out, this incident has far-reaching implications based on Log4J’s wide use within enterprises, and the difficulty some organisations might have in finding and patching everything that is vulnerable.

The past year was an indicator of things to come in terms of supply chain and third-party risk. When adversaries target a large Managed Service Provider (MSP) or open-source software incorporated into countless enterprise products, they greatly expand the potential pool of victims. It is expected that supply chain and third-party risk will continue to pose significant threat to enterprise security, as numerous actors such as ransomware groups leverage these attacks to pivot to high-value targets.