Top 5 Cybersecurity Predictions for 2022
The cybersecurity community is committed to developing and implementing technologies and solutions that protect consumers and business users in 2022. The top five cybersecurity forecasts are as follows:
Ransomware will continue to dominate the threat landscape
Ransomware activity is expected to increase in 2022 and to continue to dominate the cyber threat landscape. 2021 was a very active year. Ransomware will continue to be the most profitable form of cybercrime in 2022. An increase in ransomware attacks focused on data breaches for extortion purposes is expected. Like any mature business, ransomware must always keep pace with both competitors and cybersecurity vendors.
Ransomware for Linux environments targeting ESXi storage or templates may increase. “Silent ransomware”, or, simply put, malware that remains dormant for some time before encrypting data, can be used for further attacks. A vulnerability in Java Log4j recently rocked the cybersecurity community because it is so widespread and easy to exploit, and it has unleashed the worst of ransomware. The negative impact of Log4j is expected to be felt in the coming months and, in some cases, in the coming years.
Overall, Ransomware-as-a-Service has reorganized to focus on moving into the realm of zero-day exploits for greater resilience and maximum reach.
State-funded attacks keep communities in the dark
Political tensions can have a significant impact on the cyber domain as nations vie for digital hegemony. 2022 could be a year of cyberattacks on critical infrastructure. Killware can be deployed with the same tactics as traditional APTs and is effective against power grids, water and sewage systems, or public transport. Because it has an immediate impact on communities and societies, it is a potential weapon of choice. It is not just utilities; parts of the Internet could also be disrupted by attackers in 2022. Hacking initiatives may be seen around the world, especially for nation-states that provide cybercriminals with a safe haven for digital crime targeting US or European institutions.
Supply Chain Attacks and Zero-Day Markets Increase
Of the lessons learned in 2021, the most difficult to mitigate were supply chain attacks against managed service providers (MSPs). Unlike other threats, supply chain attacks are quieter, harder to stop, and spread faster. Professional cybercrime groups focus on compromising MSPs to deliver ransomware to a larger pool of potential victims. While cybersecurity vendors have begun investigating documented MITRE techniques, cybercriminals will focus their research on discovering and implementing new techniques to carry out MITRE/kill chain tactics. New attack vectors that utilize COM/WMI are expected, as they are not monitored by existing EDR technology. Public open-source code repositories also draw unwanted attention from cybercriminal groups trying to inject malicious code into products or infrastructure for the purpose of supply chain attacks. In addition to supply chain attacks, the use of zero-day exploits in certain targeted attacks is expected to increase.
However, zero-days and the vulnerabilities described above allow cybercriminals to cause widespread damage to these organizations. Tools like Cobalt Strike are increasingly being adopted by malware operators. Cybercriminals get inspiration from the community. If one group of cybercriminals becomes famous using existing tools, the rest of the community follows suit.
Data breaches fuel the fire of business attacks
Spam campaigns become much more targeted as the personal information stolen in data breaches becomes available to cybercriminals. Starting from a name and phone number, and using other disclosed information such as passwords, addresses, payment history, and sexual orientation, they can build customized and compelling phishing or extortion campaigns. As spear phishing (whaling, business email compromise (BEC), email account compromise (EAC)) becomes more sophisticated, it will continue to be the main attack vector in business and remote-work environments.
Scams in 2022 could benefit from the busy online-only recruitment process imposed by the coronavirus pandemic. Cybercriminals impersonate businesses to trick potential candidates into infecting their devices through popular document attachments. In addition, cybercrime operators may use remote onboarding to hire unwary job seekers for illegal activities such as money muling.
IoT, Web Infrastructure, and Dark Market
In 2022, there could be a significant increase in attacks on cloud infrastructure, including those hosted by top providers. Misconfigurations and a lack of qualified cybersecurity personnel play a key role in data breaches and infrastructure degradation.
As the world gradually prepares for permanent work-from-anywhere scenarios, companies are constantly striving to move legacy services to the cloud. Cloud attacks are intensifying, with a particular focus on Azure AD and Office 365.
As the crypto ecosystem gets into full swing, cybercriminals are expected to become more interested in crypto fraud, targeting exchange operators and miners and stealing wallets. Improving connectivity for intelligent cars also creates new opportunities for cybercriminals. Vehicle telematics has become a concern in recent years as manufacturers want to build services around, and monetize, the information transmitted by vehicles on the road. However, data theft is a concern, as cybercriminals can use vehicles connected to the Internet to facilitate theft, gain unauthorized access, or even take remote control of the car, with potentially deadly consequences.
Currently, we seem to be thriving in times of instability. As a result, many companies are looking for a roadmap to help them navigate and survive these turbulent times. There is no doubt that there will be major changes in 2022 and beyond. The question is how we deal with these changes. In Elon Musk’s words, “Some people don’t like change, but you need to embrace change if the alternative is a disaster.”