Cybercriminals strategize and target APIs and DevOps environments. Trend Micro analysis

The last two years have seen a great acceleration in the digital transformation processes of companies, which have invested in technology to respond to the pandemic and, in particular, accelerated the adoption of the cloud. The downside is that cybercriminals have not been idle and continue to adapt their attack techniques to new technologies, also focusing on cloud services.

it confirms it TrendMicro in his reports Towards a new impetusin which he analyzes the cyber threats that will characterize 2022.

Cloud, IoT and supply chains will be among the top targets for cybercriminals in 2022

As businesses migrate to the cloud, attackers are bound to follow. And if companies spend large sums to protect themselves, criminals will instead focus on low-cost, high-impact strategies, starting with Phishing, but also by exploiting IT errors, such as lack of rotation of access keys, unprotected containers, use of images from untrusted sources, ineffective access management policies. Practically, Criminals are not revolutionizing their attack patterns, they are adapting them to make detection more difficult.

revolution evolution

We are already seeing malicious activity targeting DevOps tools and pipelines in cloud integrated development environments (IDEs). We expect cybercriminals to create more campaigns using DevOps principles against supply chains, Kubernetes environments, infrastructure-as-code (IoC) deployments, and pipelines. We also expect developers and systems used for builds to be exploited as entry points by attackers willing to spread malware across multiple companies via supply chain attacks.“, we read in the report.

micro-trend cloud threats

However, the cloud won’t be the only target, and Trend Micro expects IoT environments to be an attractive target as well. If IoT devices are currently being targeted to have a network access point and then roam there and scale privileges, in 2022 smart cars will be the main target of attackers. Which, in any case, will continue to breach enterprise IoT devices, especially SMBs, in order to install ransomware, increasingly using Ransomware-as-a-Service, which also allows actors without specific technical knowledge to carry out such attacks.

IoT Threats

Supply chains will also be attacked, but with a difference from today: attackers will adopt quadruple extortion techniques. Not only will data be encrypted and ransoms demanded for not disclosing stolen information: cybercriminals will threaten to launch attacks against victims’ customers and attack the entire supplier supply chain.

We have more cybersecurity researchers than other companies and are known for our threat intelligence. Our knowledge and findings are widely used and fuel our products“, did he declare Gastone Nencini, Country Manager of Trend Micro Italy. “The past two years have been challenging from a cybersecurity perspective, due to the sudden adoption of remote working and the resulting explosion in the size of attack surfaces. For this reason, today it is even more necessary to identify a solid strategy based on a complete analysis of its infrastructure, to close any remaining security gaps and make the life of cybercriminals as difficult as possible.”.

We took advantage of a meeting with the press to ask Nencini about Trend Micro’s vision on the standardization of cybersecurity, i.e. the possibility of making the solutions offered by the various manufacturers interoperable. An aspect that, according to Nencini, is extremely important for his company, as confirmed by the fact that the CEO, during a conference with partners held in Europe, he started with a slide with the logos of all the competitors, emphasizing that they were not adversaries but that they were all at the service of customers to ward off threats .

In short, Trend Micro is working on this front, but it’s not an easy path, given that each vendor tends to favor its own solution.