#1 The number of ransomware attacks will continue to grow
In 2021, we observed an impressive number of ransomware attacks, and many major organizations were victims of cyber extortion.
It is easy to predict that the number of ransomware attacks will continue to increase in 2022.
As described by researchers from threat intelligence firm Advanced Intelligence, the restarting of the Emotet botnet driven by Conti ransomware gang and the new alliance between the Conti group, Trickbot gang, and Emotet’s operators could push up the ransomware operations.
In addition, the evolution of the COVID-19 pandemic will force organizations to allow remote working, thus enlarging their attack surface.
VPN and RDP accesses will also be exploited in human-operated attacks against large organizations in any industry.
#2 DeFi related hacks will cause hundreds of millions in losses
Decentralized finance (commonly referred to as DeFi) is a blockchain-based form of finance that does not rely on central financial intermediaries such as brokerages, exchanges, or banks to offer traditional financial instruments, and instead utilizes smart contracts on blockchains.
DeFi related hacks will spike in 2022, threat actors will also start fake DeFi projects to benefit from the crypto industry hype.
DeFi fraud and hacks will cause hundreds of millions of dollar losses, making this illegal practice one of the most profitable in the cybercrime ecosystem.
#3 Cyber espionage will continue to be extremely aggressive
The number of state-sponsored attacks against government organizations and critical infrastructure will increase, the most impacted industries will be the healthcare, the pharmaceutical sector, the academic, and the energy industry.
Most of the attacks will be conducted to steal Intellectual property from the victims. Russia, China, and Iran will be behind the most sophisticated campaigns targeting entities in the US, Europe, and the Middle East.
We will also continue to observe disinformation campaigns aimed at destabilizing the politics of other states, many of them will be COVID-19-themed campaigns.
#4 Supply chain attacks will become more common
In 2022 we will see an increase in supply chain attacks, almost any attack will be orchestrated by nation-state actors. These attacks aim at exploiting vulnerabilities affecting core components in the software supply chain. Threat actors could attempt to exploit bugs in industry-specific SDKs, wireless protocol stacks, and general-purpose libraries.
The success of the SolarWinds and Kaseya attacks will encourage threat actors to focus their efforts on conducting supply chain attacks. Service providers will remain more exposed to these attacks, but critical OT infrastructure will also face serious risks.
#5 Deepfakes: a dangerous weapon in the fraudsters’ arsenal
While the level of sophistication of deepfake technology will increase, threat actors will start using it in attacks in the wild. This technology could bring some attacks to the next level, let us think of CEO frauds in which crooks will impersonate the CEO of an organization by video or audio to order a wire transfer to a bank account controlled by the attackers. The interest of cybercriminals in deepfake technology will rise and deepfake attacks becoming a more utilized method for crooks starting from the second half of the year.
#6 Cybersecurity skills shortage will sharpen dramatically
The ongoing skills shortage in IT and cybersecurity will dramatically sharpen, and the security situation will keep getting worse in the next few years.
Some specific professionals such as OT cybersecurity experts will be nowhere to be found.
The laws of supply and demand imply that the cost of these professionals will continue to increase and SMBs will face serious problems in building their own cybersecurity team.
Women will continue to be underrepresented in cybersecurity, but the situation is getting better. A growing number of organizations help women enter the industry already, and specific scholarships and training programs will be offered to women studying cybersecurity at the university level.
#7 Internet of Things: a valuable target for threat actors
Systems connected to the Internet of Things will be more exposed to a growing number of cyberattacks.
Businesses are becoming ever more reliant on IoT technology also thanks to enabling technologies such as 5G networks.
Cybercriminal organizations will target them to build powerful botnets to involve in malicious activities.
We will find new sophisticated malware designed to target IoT devices, including IoT ransomware.
Despite the alerts of the cybersecurity community, most of the IoT devices continue to lack security-by-design, and poor security settings will be exploited by threat actors in massive attacks.
Most IoT attacks will target specific components such as firmware, physical and web interfaces, and network services. Outdated components and insecure update mechanisms will advantage the attackers in finding a way to compromise the devices.
IoT attacks will also focus on protocols used in the systems, especially the implementation of communications protocols.
#8 Threat actors are looking at space
In recent years, government and private businesses confirmed a strategic interest in technologies used for space missions.
A growing number of organizations are investing in the “Space Race,” they are studying innovative technologies and materials that can solve problems that emerged in the past missions and could help humans in finding new solutions for problems on the earth.
Many private companies have begun their space race, for example launching their satellites, enlarging the attack surface in orbit.
Threat actors will not only focus on satellite infrastructure, but they will also attempt to steal intellectual property from companies involved in research related to space missions. It is essential to raise the level of cybersecurity in this industry with a specific program and investments promoted by governments.
The risk of satellite attacks will remain high in the coming months.