Virtualization Technology News and Information
Juniper Networks 2022 Predictions: Misinformation, Multi-Layered Scams and Microservices, Oh My!

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Misinformation, Multi-Layered Scams and Microservices, Oh My!

By Laurence Pitt, Global Security Strategy Director, Juniper Networks

Cyber threats come in many shapes and sizes and stem from vulnerabilities most don't even realize until it's too late. While it's true that the pandemic has exposed many of these over the last 18+ months, criminals continue to find ways to exploit new vulnerabilities and spread misinformation, leading to much larger scale consequences than we've seen thus far. 2022 will teach us to cast a wider net when searching for and patching vulnerabilities and will serve as a stern reminder to update cyber hygiene practices as if your data depends on it (because it does!). Below are my thoughts on the "Three Cyber Ms of 2022."

Misinformation will give cybercriminals yet another weapon: 2021 was the year when cybercriminals took advantage of a pandemic to spread misinformation, mostly around vaccines and taking advantage of our need for normalcy to extort money with fake medicines, fake certifications and more. The global scale of these campaigns allowed attackers to learn and profit massively. To make matters worse, state actors including Russia, China and Iran have got involved with shaping and manipulating vaccine narratives. I predict that in 2022 these learnings will be used to spread even more complex misinformation, perhaps even MiaaS (Misinformation As A Service??), to fleece victims, slow economic recoveries, disrupt elections, and undermine other country-based decision events. We must combat misinformation with truth to avoid disastrous consequences with lasting implications for our governments.

Revamping personal cyber hygiene will be more important than ever in 2022: Identity theft is being used in more complicated scams, and unfortunately people are still not keeping up with the need to secure ALL their accounts to the highest level available. In 2021 there were stories of people having their own home sold by a criminal, returning home to discover the new owners, and losing out on hundreds of thousands of £/$. As you can imagine, these are complex and multi-layered scams, but all rely on just one small vulnerability to let them in - oversharing on social media, not using MFA (Multi-Factor Authentication) when available, weak passwords or being too trusting when the phone rings, etc. Personal cyber-awareness must increase in 2022. And it's not just consumer data - weak or compromised passwords will account for many breaches into corporate networks. This means that cyber hygiene must be a consideration for individuals as well as enterprises as a whole (AKA, don't skimp out on the cybersecurity training!).

Microservices will bring macro threats: Use of cloud software is increasing exponentially with more people working remotely, and as organizations begin to see the opportunity to reduce OPEX costs by using someone else's hardware. One big advantage of cloud software is the ability for applications to be upgraded simply, without downtime, by using microservices. While this makes perfect sense from a development and agility perspective, it also expands the overall attack surface. Since microservices communicate with each other via APIs independent of machine architecture and programming language, attack vectors are not hard to uncover. Needless to say, criminals have spotted this opportunity, and it has in fact led to some toe-in-the-water level attacks during 2021. As this trend toward microservices in the cloud continues in 2022, expect to see similar growth in microservice level attacks as criminals turn this to their advantage.

Between misinformation, multi-layered scams and microservices with macro threats, there are plenty of risks to keep us all on our toes in 2022. It seems that we say this every year, but it really is more important than ever to anticipate, monitor and stop threats in their tracks to avoid costly and challenging security setbacks in the enterprise and beyond.



Laurence Pitt 

Laurence Pitt is Global Security Strategy Director at Juniper Networks. He has more than twenty years of cybersecurity experience, having started out in systems design and moved through product management in areas from endpoint security to managed networks. In his role at Juniper, he articulates security clearly to business and across the business, creating and having conversations to provoke careful thought about process, policy and solutions. Security throughout the network is a key area where Juniper can help as business moves to the cloud and undertakes the challenge of digital transformation.

Published Monday, January 10, 2022 7:38 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2022>