Mobile malware, supply chain attacks, misinformation campaigns, and large scale data breaches represent just a handful of the threats that experts recommend looking out for next year. In 2021, cyber criminals cashed in on coronavirus pandemonium, the transition to remote work, and opportunities for ransomware deployment. In 2022, organizations are liable to see more of the same, in addition to new threats that could threaten business operations.
A recent report from Check Point Software highlights the growing security difficulties that organizations may face within the next year:
- Supply chain attacks will continue to proliferate. However, as supply chain attacks grow increasingly common, governments may push for new legislation and regulations to better protect vulnerable organizations, industries and networks. Experts anticipate increased collaboration between federal officials and private sector groups in order to better identify and combat supply chain threats.
- The cyber “cold war” will get colder. Cyber standoffs between powerful nations will likely intensify in the next year. New nation-state hackers are at work, operating on behalf of world powers, destabilizing rival countries and governments. Further, terrorist groups may take advantage of improved operational infrastructure and enhanced technological capabilities to deploy increasingly sophisticated attacks.
- Data breaches at scale. Experts state that as data breaches scale up, organizations and federal agencies will need to spend huge sums of money in order to recover. In this past year, for example, CNA Financial paid $40 million in order to recover files. For the most part, experts advocate for prevention and defense mechanisms and do not generally advise paying ransoms.
- Misinformation is mushrooming. In 2021, misinformation pertaining to the coronavirus pandemic spread across the web; much of it focused on vaccines. As a result, dark web cyber criminals turned a profit through the solicitation of fake vaccine certificates. In 2022, internet-based misinformation schemes are likely to increase, especially as the US midterm elections approach.
- Deepfake technology as a weapon. The use of deepfake technologies in cyber criminal schemes has already been reported and experts contend that, as deepfake tech improves, more deepfake-related scams are likely to emerge. However, new deepfake dupes could result in widespread harm. For example, the manipulation of stock prices could result in vast organizational and personal losses. Or, a phony video of a politician could rapidly escalate geopolitical tensions.
- Cryptocurrency takes the stage. As digital currencies continue to develop, cyber criminals are likely to capitalize on this newfound form of cash. Cyber criminals are expected to find increasingly innovative ways to steal it. Earlier this year, Check Point researchers discovered that attackers could steal cryptocurrency wallets via the exploitation of security flaws.
- Cyber criminals to exploit vulnerabilities in microservices. Cloud service providers (CSPs) now readily support microservices; a common method for application development. But, as with any popular trend, cyber criminals have determined how to exploit microservices for their own gain. In 2022, organizations should expect to see more microservices attacks that target CSPs.
- Mobile malware attacks. In 2021, nearly 50% of organizations had at least one employee who unintentionally downloaded a malicious mobile app. Given the ever-increasing quantity of business information available via mobile devices, which is attractive to criminals, new ways to exploit this attack target are likely to emerge.
- Penetration tools will continue to be used in attacks. Although these tools were initially developed to help organizations test security defenses, hackers have found them useful for their own purposes. By customizing these tools, hackers have successfully targeted victims with ransomware. As this tactic continues to catch on, we’ll see them used to carry out further data exfiltration and extortion attacks in 2022.
“Looking ahead, organizations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow…” says Check Point Software research VP Maya Horowitz.