Check Point Software Technologies, a cybersecurity solutions provider has issued its cybersecurity predictions for 2022, predicting that cyber-attacks will break new records for ransom demands next year. Cyberattacks on supply chains will also grow more prevalent in the coming year, according to the report.
“Going into 2022 we will see an increase in data breaches that will be larger scale. These breaches will also have the potential to cost organizations and governments more to recover, the company warned.
“While cybercriminals continue to leverage the impact of the COVID-19 pandemic, they will also find new opportunities for attack with deepfakes, cryptocurrency, mobile wallets, and more.”
According to the report, hackers are expected to set new milestones in terms of ransom demands next year. Mobile malware attacks are expected to rise as more people use mobile wallets and mobile payment networks, and cryptocurrency is expected to become a focal point for cyberattacks.
Commenting on the predictions, Maya Horowitz, VP Research at Check Point Software said, “In 2021, cybercriminals adapted their attack strategy to exploit vaccination mandates, elections and the shift to hybrid working, to target organisations’ supply chains and networks to achieve maximum disruption.
“The sophistication and scale of cyberattacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks.”
The following are some of the highlights from the 2022 Global Cybersecurity Predictions report:
Fake news and misinformation campaigns return
- Throughout 2021, misinformation was spread about the COVID-19 pandemic and vaccination information.
- In 2022, cyber groups will continue to leverage fake news campaigns to execute various phishing attacks and scams.
Supply chain cyber-attacks continue to increase
- Supply chain attacks will become more common and governments will begin to establish regulations to address these attacks and protect networks, as well as collaborate with the private sectors and other countries to identify and target more threat groups globally.
The cyber ‘cold war’ intensifies
- Improved infrastructure and technological capabilities will enable terrorists groups and political activists to further their agendas and carry out more sophisticated, widespread attacks.
- Cyberattacks will increasingly be used as proxy conflicts to destabilise activities globally.
Data breaches are larger scale and more costly
- Data breaches will happen more frequently at a larger scale and cost organisations and governments more to recover.
- In May 2021, US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.
Cryptocurrency gains popularity with attackers
- When money becomes purely software, the cybersecurity needed to protect against hackers stealing and manipulating bitcoins and altcoins is sure to change in unexpected ways.
Attackers target mobile
- As mobile wallets and mobile payment platforms are used more frequently, cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.
Attackers will leverage microservices’ vulnerabilities
- With microservices architecture being embraced by Cloud Service Providers (CSPs), attackers are using vulnerabilities found in them, to launch large-scale attacks on CSPs.
Deepfake technology is weaponised for attacks
- Techniques for fake video or audio are now advanced enough to be weaponised and used to create targeted content to manipulate opinions, stock prices or worse.
- Threat actors will use deepfake social engineering attacks to gain permissions and access sensitive data.
Penetration tools continue to grow
- Globally in 2021, 1 out of every 61 organisations was being impacted by ransomware each week.
- Threat actors will continue to target companies that can afford paying ransom, and ransomware attacks will become more sophisticated in 2022.
- Hackers will increasingly use penetration tools to customise attacks in real time and to live and work within victim networks.
Why Supply Chain Attacks?
Supply chain threats, according to Check Point Research (CPR), will grow more widespread, and governments will begin to adopt regulations to address them and protect networks.
They are also likely to look into partnering with the private sector and other countries in order to identify and target new global and regional danger groupings.
Attackers in the supply chain take advantage of a lack of monitoring in a business’s environment. They’re capable of carrying out any type of cyberattack, including data breaches and malware infections.
Due to its scope and significance, the well-known SolarWinds supply chain attack stands out in 2021, but other sophisticated supply chain attacks, such as Codecov in April and Kaseya most recently, have also happened.
The REvil ransomware group exploited Kaseya, a provider of software for Managed Service Providers (MSPs), to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million in exchange for decryption keys for all impacted customers’
In May 2021, the US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.
Commenting on the predictions and the path ahead, Ms Horowitz said, “Looking ahead, organisations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones.
“To stay ahead of threats, organisations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks.”