9 key security threats that organizations will face in 2022

Provide chain assaults, misinformation campaigns, cell malware and bigger scale information breaches are simply a few of the threats to observe for subsequent yr, Test Level Software program says.


Picture: Shutterstock/Maxx-Studio

For 2021, cybercriminals took benefit of the coronavirus pandemic, the continuing shift to hybrid work and the vulnerability of organizations to ransomware. For 2022, we are able to count on extra of the identical in addition to a number of worsening threats to maintain us on our toes. A report launched Tuesday by cyber menace intelligence supplier Test Level appears at a few of the safety challenges that organizations will doubtless face subsequent yr.

SEE: Incident response coverage (TechRepublic Premium)

Provide chain assaults will proceed to develop. Cyberattacks not simply influence the focused group however usually have a ripple impact that harms companions, suppliers, prospects and others alongside the availability chain. For 2022, Test Level expects that development to escalate with extra information breaches and malware infections. As provide chain assaults turn into extra frequent, nonetheless, governments will begin to devise rules to raised defend weak networks. Count on higher collaboration between authorities officers and the personal sector to establish and fight extra cybercriminal teams that function regionally and globally.

The cyber “chilly warfare” will ramp up. The cyber chilly warfare amongst totally different nations has been escalating, and that can intensify subsequent yr. Extra nation states and teams working on their behalf will proceed to attempt to destabilize rival international locations and governments. Terrorist teams and actions will reap the benefits of higher infrastructure and higher technological capabilities to launch extra subtle assaults.

Knowledge breaches will scale up. As information breaches scale up, organizations and governments can be pressured to spend extra money to recuperate from them, Test Level says. Following the report $40 million ransom fee paid by insurance coverage big CNA Monetary this yr, ransom calls for are anticipated to proceed to extend subsequent yr.

Misinformation campaigns will flourish. In 2021, misinformation and “pretend information” surrounding the coronavirus pandemic and the efficacy of vaccines unfold by social media and different venues. As one consequence, Darkish Internet cybercriminals turned a tidy revenue by promoting phony vaccine certificates to individuals who refused to get vaccinated. In 2022, pretend information will proceed to play a job in phishing campaigns and scams. Plus, count on to see propaganda and misinformation upfront of the US midterm elections in an try to affect voters.

SEE: 27 methods to scale back insider safety threats (free PDF) (TechRepublic)

Deepfake expertise can be weaponized. The instruments wanted to create pretend however convincing movies and audios have turn into extra superior. Cybercriminals will more and more use them to steal cash, manipulate inventory costs and sway the opinions of individuals by way of social media, Test Level says. As one instance from 2020, attackers used expertise to impersonate the voice of a director of a Hong Kong financial institution to trick a financial institution supervisor into transferring $35 million into their account.

Cryptocurrency will play a higher position in assaults. As cash turns into extra digital, criminals will more and more discover revolutionary methods to steal it. Following reviews of stolen crypto wallets triggered by free airdropped NFTs, Test Level found that attackers may steal such wallets by exploiting safety flaws. Count on extra cryptocurrency-related assaults in 2022.

Criminals will exploit vulnerabilities in microservices. Microservices have turn into a extra frequent technique for software improvement and one supported by a higher variety of cloud service suppliers (CSPs). However as with every well-liked development, cybercriminals are making the most of vulnerabilities present in microservices to launch assaults. For 2022, count on extra of those assaults focusing on CSPs.

Cellular malware assaults will enhance. As organizations shifted to distant and hybrid work in 2020 and 2021, criminals more and more turned to cell malware as an assault vector. In 2021, nearly half of all organizations reviewed by Test Level had no less than one worker who downloaded a malicious cell app. With the rising use of cell wallets and cell fee companies, attackers will proceed to take advantage of the reliance on cell gadgets.

Penetration instruments will proceed for use in assaults. Although created to assist organizations take a look at their safety defenses, penetration instruments have been exploited by cybercriminals to assist them launch simpler assaults. By customizing such instruments, hackers have been in a position to goal victims with ransomware. As this tactic continues to catch on, we’ll see them used to hold out extra information exfiltration and extortion assaults in 2022.

“In 2021, cyber criminals tailored their assault technique to take advantage of vaccination mandates, elections and the shift to hybrid working, to focus on organizations’ provide chains and networks to attain most disruption,” Test Level Software program analysis VP Maya Horowitz stated in a weblog put up.

“Trying forward, organizations ought to stay conscious of the dangers and be sure that they’ve the suitable options in place to stop, with out disrupting the conventional enterprise circulate, the vast majority of assaults, together with essentially the most superior ones,” Horowitz added. “To remain forward of threats, organizations have to be proactive and depart no a part of their assault floor unprotected or unmonitored, or they threat changing into the subsequent sufferer of subtle, focused assaults.”

Additionally see

Recent Articles


Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox