KnowBe4 2022 Predictions: Cybersecurity Threats in 2022: Go Big or Go Home
Industry executives and experts share their predictions for 2022. Read them in this 14th annual VMblog.com series exclusive.
By Javvad Malik, SecurityAwareness Advocate, KnowBe4
It has been quite the year. Andwho really could have predicted that we would still be talking aboutlockdowns nearly two years since the start of the pandemic? When it comes tocybersecurity, the word on everyone's lips in 2021 was clearly ransomware andit is a trend we will likely see continue and evolve in 2022, along with a fewother attack vectors. These may sound like complex Hollywood plots, but whetherthey emerge full-blown in 2022 or the foundations are merely laid - theprobability of seeing these come to fruition is high.
First up on the list is nuclearransomware 3.0, which sees ransomware gangs morph into "everythinggangs". Instead of just performing ransomware and data exfiltrationattacks, they are cryptomining, creating botnets, carrying out DDoS attacks andmore. The attack gangs of the future will look at every new victim as a pot ofgold and try to figure out what to do - and in which order - to maximizefinancial value extraction.For example, maybe they first do passwordexfiltration, then kick in a BEC compromise, next cryptomining, then dataexfiltration/identity theft, experiment with spear phishing trusted partners,then and only then, ransomware encryption. While 2021 has seen thedouble-extortion tactics take off, 2022 could see multiple incursions. It willmake us long for the good ol' days when they just locked up our data.
Secondly, a new dangerous andpersistent metamorphic malware family called "Tardigrade" is a recent strain ofWindows malware. It can constantly adapt to avoid detection and was first foundtargeting the biotech industry, including the infrastructure behind vaccinemanufacturing, according to security researchers. This "metamorphic" abilityprevents the malware from leaving a consistent signature behind, making it veryhard for antivirus programs to spot. It contains the sneaky ability to spreadboth via phishing emails and USB devices. Similarto Stuxnet, Tardigrade was obviously developed by a highly sophisticatedorganization, probably a nation-state. However, now that it is in the wild, wecan expect it to be unleashed by far less sophisticated threat actors, uppingthe stakes yet again.
Third, remember when Facebookchanged its name to Meta? Well, the brand formerly known as Facebook willentice the masses to join the Metaverse. And where the people go, criminalswill follow. We will likely see virtual attacks against both individuals and organizationsusing Meta as the host environment. This will include virtual looting, virtualtheft, account takeovers and more creative criminal exploits.
Fourth, disinformation poweredby deep fakes will cause a political/financial circus. It can be argued thatthis has already happened to some extent, but the advancement of deep faketechnology will bring about a coordinated disinformation campaign that willrely heavily on deep fakes and manipulated footage to cause apolitical/financial circus. A deep fake could be used to manipulate a certainpolitical party's views by stating false opinions, promises or beliefs of aparticular candidate. This could cause a chain reaction of certainorganizations pulling funds from a political campaign based on statements madeby the deep fake.
And speaking of financialcircuses, fifth on the predictions list is an attack against cryptocurrency willhit real-world economies. It will involve a major cryptocurrency beingattacked, causing billions of dollars in lost value - either through directtheft or in value loss. Many individuals and organizations will be severelyimpacted and it could even be referred to as the Black Crypto Day.
A sixth prediction is the rise ofdark economy with M&A. A lot of criminal gangs have become extremelywealthy. In fact, some shady organisations are large enough to be listed on astock exchange. So, we will see a more formalised dark economy emerge with someM&A activity taking place as gangs look to cash-in by selling their organizations,while others look to grow in capability and reach.
And finally, a bonus prediction:when AI goes wrong in 2022. We will likely see the first wave of intelligentattack bots. The future of this threat means that we will inevitably see aclash between good threat hunting bots versus bad bots - and the one with the bestalgorithm wins.
All in all, in many ways, it mayappear as if things are getting worse for cybersecurity professionals who aretrying their best to protect their organizations. However, we are starting tosee more of a focus on the human element and human behavior of cybersecurityprotection measures. This is a positive shift in direction because organizationscan implement all of the technical tools and controls in the world, but if theydo not focus their efforts on the human layer of security and improvingsecurity awareness, they are going to run into challenges. At the end of theday, a strong security culture is what truly matters and what we will seeorganizations focused on as we move into 2022.
##
ABOUT THE AUTHOR
Javvad Malik is a security awareness advocate for EMEA at KnowBe4. A security professional of 20 years, Malik began his career as an IT security administrator. He has since worked as a consultant, an industry analyst, and a security advocate. Malik is well-known within the information security industry, having spoken at many events and conferences around the world in addition to being a YouTuber, podcaster, blogger, and researcher. With a distinctive style, he takes a fresh and often innovative look at even mundane topics and presents them in an entertaining and informative light. Tackling the most complex issues with ease in this witty style is Malik’s forte.
