Jan 19, 2022
While many of us spent 2021 trying to cope with the ongoing Coronavirus pandemic, being concerned about the new variants Delta and Omicron and how they might affect international trade and our own bottom lines, cybercriminals exploited these same distractions to find the cracks in security systems and breach networks in new and innovative ways. It is no coincidence that as technology industries continue to grow, including Internet of Things, remote work applications, cloud infrastructure and even self-driving cars, the threat of a breach is increasing as well.
Last year was marked by threats that continued to involve the move to work from home and the accompanying exploitation of unpatched systems and weaknesses, while criminals actively exploited security holes created as everything moved to cloud-based infrastructures. In 2022, we expect to see more of the same trends surrounding working from home, supply chain attacks, threats to mobile wallets including cryptocurrencies, new ransomware and an increase in deepfake attacks. To prepare for future risks, organizations should make sure they have the right solutions in place to prevent attacks without interrupting their normal operations. Organizations need to be proactive in securing and monitoring their attack surfaces, otherwise they risk becoming the next victim of sophisticated, targeted attacks.
In 2021, 1 out of every 61 organizations was being impacted by ransomware each week. Sonicwall reported that ransomware attacks more than doubled between Q3 of 2020 to Q3 of 2020, from 78.3 million to 190.4 million attacks, making 2021 the “most costly and dangerous year on record.” The shift to hybrid work and vaccination mandates allowed cyber criminals to target supply chains and networks in an increasing number of organizations of all sizes from SMBs to large international enterprises. The total fallout of losses from cybercrime last year alone, caused losses of more than $6 trillion globally.
Ransomware will continue to be a major source of cybercrime. Threat actors will continue to target companies that can afford paying ransom, and ransomware attacks will become more sophisticated in 2022. Penetration tools will be increasingly used by hackers to customize attacks in real time and to live and work within victims' networks. Data exfiltration and extortion will be carried out by using this attack method as it gains popularity. In addition, the lack of skilled cybersecurity specialists will reduce an organization's ability to defend against ransomware attacks. Many of the vectors used by ransomware operators to target enterprises will remain in play, including virtual private networks (VPNs), phishing emails and SMS texts, and exposed remote desktop protocol (RDP) ports.
Remote work will continue to provide security headaches as social engineering and brute-force attacks are used to obtain credentials to corporate information and service. Employees make use of home devices to access office networks, which are not subject to the same security restrictions as corporate devices, which complicates attempts to monitor and control digital activity for the sake of company security. We’re already seeing the possibility of a major disruptive attack in the log4j vulnerability uncovered at the end of 2021, already considered the “most serious” security breach in history. Much of the internet, including major cloud storage companies like Google, Amazon and Microsoft cloud, as well as the software on many “smart” appliances, is filled with the log4j vulnerability. This flaw sent nearly all major software companies into crisis mode as it uncovered an easily exploitable vulnerability that could be used by cybercriminals for data theft and malware distribution. Perhaps the scariest part is how ubiquitous it is as it’s part of industry-wide Apache products: it’s been found to be easily exploitable in everything from video game Minecraft to Microsoft products.
One of the major trends for 2022 will be the continuing rise of mobile malware, which is believed to become an enticing target to state-sponsored cyber groups as the cyber “Cold War” intensifies. Mobile malware cyberattacks will increasingly be used to destabilize activities globally, as malware infection is harder to prevent and detect on mobile devices. In addition, as more people use mobile wallets and payment platforms, mobile malware attacks are likely to increase. Cryptocurrency wallets are predicted to become especially vulnerable in 2022. There was a 10-fold increase in attacks during just the first half of 2021 and were primarily orchestrated through social media. This may become an increasing issue as attackers weaponize deepfake technology to clone voices (and even faces) to social engineer attacks to gain permissions to sensitive data.
Despite the stark warnings regarding the state of cybersecurity in the future, there are some good developments. Artificial intelligence (AI) and machine learning have already revolutionized cybersecurity, and in 2022 their impact will continue to rise. Both ML and AI make it easier for organizations to detect and respond to threats much quicker and more effectively than before. AI-powered dashboards will continue to help security professionals to identify potential attacks rapidly. Machine learning tools are also being deployed that detect ransomware in image files before they are opened. By using machine learning and artificial intelligence, security teams can automate detection of intrusions and reduce fraud.
More cybercriminals are being caught, with many successful investigations resulting in prosecution. Criminal justice agencies have improved their skills at identifying and arresting cybercriminals, and have become better at capturing them. Having this greater oversight will increase business and consumer security as cybercriminals will be less able to operate with impunity.