As cybercriminals continue to take advantage of the effects of the COVID-19 pandemic, they will also find new avenues of attack such as deepfakes, cryptocurrency, and mobile wallets.
In 2021, cyber criminals adjusted their attack strategy to take advantage of vaccination mandates, elections, and the transition to hybrid labor to target organizations’ supply chains and networks for maximum disruption.
The complexity and scale of cyberattacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks. Looking ahead, organizations should remain aware of the risks and ensure they have the appropriate solutions to prevent them without disrupting the normal flow of business. To stay ahead of threats, organizations need to be proactive and not leave any part of their attack surface unprotected, unattended, or otherwise risk becoming the next victim of sophisticated, targeted attacks.
Global Cybercrime Predictions for 2022:
- Fake News 2.0 and the return of misinformation campaigns
The claim of “fake news” on contentious issues has become a new vector of attack in recent years without people really understanding its full implications. Misinformation about the COVID-19 pandemic and vaccination information were spread throughout 2021. The black market for fake vaccination certificates expanded worldwide and was now selling fakes of 29 countries. Fake vaccination certificates were put up for sale $ 100-120 and the volume of ad groups and group sizes of publishing salespeople has multiplied during the year. In 2022, cyber groups will continue to use this type of fake news campaign to commit cyber crime through various phishing attacks and scams.
In addition, Check Point researchers discovered a surge in malicious numbers ahead of the 2020 US presidential election election-related domains and the use of “meme camouflage” aimed at changing public opinion. In the run-up to the US midterm elections in November 2022, these activities are expected to have a full impact and a return of misinformation campaigns on social media.
- Cyber attacks on supply chains
Attackers in the supply chain take advantage of the lack of surveillance in a company’s environment. They can be used to carry out any type of cyber attack, such as data breaches and malware infections.
Well-known cybercrime – SolarWinds supply chain attack stands out in 2021 for its scale and impact, but there have also been other sophisticated supply chain attacks like Codecov in April and most recently Kaseya. Kaseya provides software for managed service providers and the REvil ransomware gang used the company to infect over 1,000 customers with ransomware. The group requested a $ 70 million ransom to provide decryption keys to all affected customers.
Attacks on the supply chain are becoming more common and governments need to regulate to combat these attacks and protect networks. They will also consider working with the private sector and internationally to identify and target more threat groups at the global and regional levels. Expect to learn more about the global impact of the infamous sunburst attack in 2022.
- The cyber cold war is intensifying
The cyber path is becoming more and more intense and taking place online, as more and more nation-state actors urge Western governments to further destabilize society. Improved infrastructure and technological capabilities will allow terrorist groups and political activists to advance their cybercrime agendas and carry out more sophisticated, widespread attacks. Cyber attacks are increasingly used as proxy conflicts to destabilize activities around the world.
- Data breaches are bigger and more costly
By 2022, we will see an increase in data breaches that will be greater. These violations can also increase the cost of recovery to businesses and governments. In May 2021, a US insurance giant paid a $ 40 million ransom to hackers. That was a record, and we can assume that the ransom demanded by attackers will increase in 2022.
Technology Cybersecurity Predictions for 2022:
- Mobile malware attacks are on the rise as more people use mobile wallets and payment platforms:
In 2021, 46% of the organizations at least one employee had downloaded a malicious mobile application. The move to remote working for almost all of the population around the world during the COVID-19 pandemic resulted in a dramatic increase in the mobile attack surface 97% of the organizations faced with mobile threats from various attack vectors. As mobile wallets and mobile payment platforms become more widely used, cybercrime will continue to evolve and its techniques will adapt to take advantage of the growing reliance on mobile devices.
- Cryptocurrency is becoming a hotspot for cyberattacks around the world
When money becomes mere software, the cybersecurity necessary to protect us from the hackers who steal and manipulate bitcoins and altcoins is sure to change in unexpected ways. As reports of stolen crypto wallets triggered by NFTs dropped for free become more common, Check Point Research (CPR) investigated Open sea and proved that it was possible to steal crypto wallets from users using critical security. An increase in attacks related to cryptocurrencies is expected in 2022.
- Attackers use vulnerabilities in microservices to launch large-scale attacks
The move to the cloud and DevOps will lead to a new form of cybercrime. As microservices become the leading method for application development and the microservice architecture is adopted by cloud service providers (CSPs), attackers use vulnerabilities in microservices to launch their attacks. We can also expect large-scale attacks on CSPs.
- Deepfake technology turned into a weapon
Techniques for counterfeit video or audio files are now so advanced that they are weaponized and used to create targeted content to manipulate opinions, stock prices, or worse. As with other mobile attacks based on social engineering, the results of a phishing attack can range from fraud to advanced espionage. For example in one of the most important deepfake phishing attacks, a bank manager in the The United Arab Emirates fell victim to fraud by a threat actor. Hackers used AI voice clones to trick the bank manager into transferring $ 35 million. Threat actors will use deepfake social engineering attacks to gain permissions and access sensitive data.
- Penetration tools keep growing
Worldwide in 2021, 1 out of 61 organizations was hit by ransomware every week. Cybercrime from ransomware will continue to rise despite efforts by law enforcement agencies around the world to limit this growth. Threat actors will target businesses that can afford ransom, and ransomware attacks will become more sophisticated in 2022. Hackers will increasingly use penetration tools to customize attacks in real time and to live and work on victim networks. Penetration tools are the engine behind the most sophisticated ransomware attacks that took place in 2021. As this attack method becomes increasingly popular, attackers will use it to carry out data extraction and blackmail attacks.
Republished with permission from the World Economic Forum. read this original article.
#Cybercrime #predictions #deepfakes #cryptocurrencies #misinformation