Expel debuts annual report, Great eXpeltations 2022, demystifying the biggest attack trends in 2021 and sharing guidance on how to prepare for the year ahead
Press release · Cole Finch
Herndon, Va. – January 27, 2022 – Expel, the managed detection and response (MDR) provider that aims to make great security accessible, announced today the release of Great eXpeltations 2022: Cybersecurity trends and predictions. Based on aggregated data from its security operations center (SOC), the inaugural annual report provides insights on the biggest cybersecurity threats, practical recommendations on how to handle them, and predictions on what to expect in the year ahead.
“We founded Expel with a goal of bringing more transparency to security,” said Dave Merkel, CEO of Expel. “Today we reach a new milestone tied to that commitment – we’re sharing the most important threats and trends our SOC identified last year and their advice on what to do about them. Our customer base is diverse, so we think there’s something useful in the report for an organization of any size, in any industry, at every stage of the security journey. We hope these insights help as security teams create their strategies for managing risk this year.”
Supply chain and ransomware attacks hogged headlines in 2021, and the year concluded with security practitioners scrambling to guard against the Log4j vulnerability exploit that put hundreds of millions of devices at risk.
Great eXpeltations highlights the four top attack trends that every org should build resilience against: business email compromise (BEC), ransomware, supply chain targeting, and cryptojacking.
The report explains these threats in detail and layers unique insights from Expel’s SOC leaders and analysts on the frontlines protecting customers from threat actors.
Here are some highlights from the report:
- BEC: This type of attack is still public enemy number one. Fifty percent of incidents Expel responded to in 2021 were BEC attempts. And Expel’s security analysts have spotted a trend: SaaS apps are becoming the top target.
- Ransomware: Groups like the REvil gang spurred a record high for ransomware attacks in 2021 – and they’re targeting end-users. Ninety percent of ransomware incidents Expel responded to used a “self-installation” technique to gain initial entry.
- Supply chain targeting: Attacks like the Kaseya compromise got the world’s attention in 2021, and private citizens felt the impact of widespread supply chain attacks throughout the year. While these types of attacks aren’t going away soon, the Expel SOC spotted a common pattern that every organization can guard against.
- Cryptojacking: Exploitation of web apps to deploy cryptocurrency coin miners was the free Red Team the Internet needed in 2021. While the world focused on new vulnerabilities, these attackers exploited older, known vulnerabilities. Expel is sounding the alarm: web apps are becoming top targets. Thirty-five percent of web app compromises Expel responded to resulted in deployment of a crypto miner.
For each of these attack trends, Expel’s SOC leadership shares what they saw in 2021, how to detect and prepare for these threats, and what to expect for 2022.
“We’re seeing security operations centers and security operations in general become increasingly data-driven,” said Yanek Korff, COO of Expel. “We think security is better when we share with each other to protect each other. We hope the data in this report can inform how security teams approach detection, investigation, response, and remediation for important threats this year.”
In addition to analyzing data that enables Expel to look around corners (spoiler: we’re all about to see a surge in cloud-based attacks), this report includes predictions on the evolution of security operations and how the “Great Reshuffle” will impact finding the right cybersecurity talent.
Download Great eXpeltations 2022: Cybersecurity trends and predictions to learn more.
To learn more about Expel:
Expel is a managed detection and response (MDR) provider whose vision is to make great security accessible. The company offers 24×7 security monitoring and response for cloud, hybrid and on-premises environments. Expel uses the security signals customers already have so organizations can get more value from their existing security investments. And Expel connects to customer tech remotely through APIs, not agents, so its security operations center (SOC) can start monitoring a customer’s environment in a matter of hours, letting their internal teams get back to focusing on the most strategic security priorities that are unique to their business. For more information, visit our website, check out our blog, or follow us on LinkedIn and Twitter.
Editor’s note: The following buzzwords were banned from this press release in no particular order: autonomous, military-grade intelligence, elite, artificial intelligence, leveraging, powerful, robust, changing threat landscape, end-to-end, actionable, real-time, machine learning, state-of-the-art, best-of-breed, continuous and purpose-built.