{"id":44515,"date":"2021-12-20T00:00:00","date_gmt":"2021-12-20T00:00:00","guid":{"rendered":"urn:uuid:d4627efb-e444-b205-edfd-6d45bc336671"},"modified":"2021-12-20T00:00:00","modified_gmt":"2021-12-20T00:00:00","slug":"2022-cybersecurity-trends-for-devsecops","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/2022-cybersecurity-trends-for-devsecops\/","title":{"rendered":"2022 Cybersecurity Trends for DevSecOps"},"content":{"rendered":"

<\/p>\n

<\/div>\n

How many articles have you read that started with some variation of \u201cthe COVID-19 pandemic accelerated digital transformation?\u201d This concept isn\u2019t new, but you may be wondering how these sudden changes will impact security. We\u2019ll explore Trend Micro Research\u2019s predictions<\/a> for 2022 and the impact on DevSecOps\u2014the cultural approach that helps you build secure apps as quick as you can say \u201cthe COVID-19 pandemic accelerated digital transformation.\u201d<\/p>\n

Cybercrime in the cloud<\/span><\/p>\n

Due to the sudden move to work-from-home (WFH), companies were forced to swiftly migrate to the cloud. Gartner predicts<\/a> that global cloud services spending will reach over $482 billion in 2022, a 54% increase from 2020. With increased spend and usership, cybercriminals are sure to migrate their attacks to the cloud.<\/p>\n

While cybercriminals will continue to target employees in phishing and BEC scams to gain credentials and access to the company\u2019s servers, we expect more cybercriminals to bypass the human attack vector and target the infrastructure directly by exploiting known vulnerabilities that are traded and sold in underground markets. Patch management will be crucial, but no need to cringe, this doesn\u2019t necessarily mean more work for you. Security teams can leverage automated virtual patching<\/a> to keep systems protected\u2014especially those which no longer receive updates.<\/p>\n

We also predict that cybercriminal groups will target the cloud\u2019s vast computing power to mine cryptocurrency as more digital currencies emerge. Keep an eye on your resources\u2014if you are using a security service with a pay-for-use structure, big spikes in your bill could point to cryptojacking.<\/p>\n

Lastly, expect malicious actors to continue targeting DevOps tools and pipelines. According to a ThycoticCentrify report<\/a>, “57% of organizations suffered security incidents related to exposed secrets in DevOps.\u201d As DevSecOps teams shift left, evidently cybercriminals are following suit by waging more campaigns on supply chains, Kubernetes environments, infrastructure-as-code (IaC) deployments, and pipelines. Since developers\u2019 token and passwords hold the keys to a company\u2019s operations, we expect to see developers and build systems serve as an initial entry point for attackers.<\/p>\n

While malicious actors may be trying out new tricks, DevSecOps teams can rely on the fundamental security guidelines to secure their cloud environment. Here are some effective tried and true security practices:<\/p>\n

Zero Day Exploits<\/span><\/p>\n

2021 was a record year for zero-day exploits; 770 vulnerabilities were detected<\/a> in the first six months\u2014more than any other year on record. Some may be quick to point fingers at code quality, but it\u2019s likely other factors are responsible, such as growing media interest in covering lucrative exploits \u201cinspiring\u201d more cybercriminals to get into the vulnerability hunting game.<\/p>\n

Malicious actors have also pivoted their techniques from studying code for flaws to exploiting the patch gap. After they\u2019ve identified potential unpatched holes in the system, cybercriminals can tailor their malware code. We also predict the rise of a dedicated \u201cwatchdog\u201d on the lookout for any disclosed vulnerabilities and deployed patches within specific companies, helping cybercriminals expedite their attacks.<\/p>\n

Although we don\u2019t solely blame weak code for the anticipated rise in zero-day attacks, DevSecOps teams need to continue improving open source code management. Leveraging legitimate and trustworthy vulnerability databases in tandem with security tools with automated open source code scanning capabilities is the simplest way to keep your code clean.<\/p>\n

Security teams can do their part by regular inventory checks and monitoring security updates from vendors so they can deploy virtual patches as quickly as possible.<\/p>\n

Connected Cars<\/span><\/p>\n

AUX cords are almost obsolete, with most new models providing wireless Apple CarPlay or Android Auto features. Hyperconnected cars will be a target for malicious actors in 2022, as they can ransom the large amounts of valuable data collected by cameras, lasers, and other sensors. The demand for smart car<\/a> information is already a substantial business and the supply is keeping pace; Toyota forecasts<\/a> that connected cars will produce 10 exabytes of data per month.<\/p>\n

Further to turning a hefty profit, we predict an increase in demand for illegal data filters that can block the reporting of risk data, or hackers will be able to clear any bad driving behavior collected by the smart car.<\/p>\n

We\u2019ve also seen enterprises transitioning more complex data-collecting tasks to the cloud. Many applications and system used by newer models are already hosted on back-end cloud servers. While this streamlines operations, it also exposes carmakers to other threats like denial-of-service (DoS) and man-in-the-middle (MitM) attacks.<\/p>\n

A strong vendor partnership is vital to secure, and future-proof connected cars. Initiatives like Open EV Software Platform, spearheaded by the Mobility in Harmony (MIH) Consortium and its partners, Arm, Microsoft, and Trend Micro are the start to creating a strong foundation for the car industry to develop a dedicated operating system for smart vehicles.<\/p>\n

If you\u2019re in the automotive industry, developer and security teams should conduct a full inventory of applications and systems that could be compromised. Once everyone is on the same page about what needs to be protected, carefully choose a security vendor that has the tools capable of meeting security needs without slowing down developers or forcing them to start at square one. Integration into existing architectures and services is key for developers to continue building on pace with the evolving connected car industry.<\/p>\n

Next steps<\/span><\/p>\n

Here are our overarching cybersecurity strategy recommendations for DevSecOps teams going into 2022:<\/p>\n