Now that 2022 is here, we are all waiting to see what the new year will bring. While no one has a crystal ball that can tell us what to expect, this set of cybersecurity predictions for 2022 encompass the evolution of existing threats and how organisations can keep themselves safe.
2021 was another busy year for cybersecurity professionals, with several high profile, far ranging attacks on top of the usual business as usual level of attacks. Attacks on Microsoft Exchange and Kaseya impacted hundreds if not thousands of organisations. Ransomware on the Colonial Pipeline brought the eastern United States to a standstill, and the US declared a cold war on cyber on Russia.
On the other hand, there were some successes in the war against cyber crime. The cyber gang behind the Emotet malware was taken down in January (only to resurface again in November), and several members of the high profile REvil or Sodinikobi gang were arrested during the year. Organisations also became better at repelling attacks, including the University of Oxford who prevented criminals from damaging vaccine development.
Based on 2021 the cybersecurity predictions for 2022 look like quite a ride.
Two for the price of one: New ransomware techniques
Ransomware is going nowhere. It continues to be the most lucrative form of attack, and cyber criminals are not ready to lose the income streams. In fact, our cybersecurity predictions for 2022 suggest that ransomware will evolve even further.
Extortion methods will evolve in 2022. In 2021, double extortion attacks used exfiltration of data before encryption to allow attackers to extort a ransom even if the organisation uses their backup rather than paying for a decryptor. In 2022, we predict that several techniques will be linked together to extort ransoms.
Specifically, we expect to see wiping malware which will delete data and cripple critical systems, and distributed-denial-of-service attacks (DDoS) which aim to overwhelm IT teams, challenging them to make quick decisions to deal with attacks.
Combining both of these techniques could be devastating for organisations. They will need to strengthen security, implementing zero trust controls, endpoint detection, advanced antivirus protection, and efficient backups to protect their organisation from ransomware.
Act fast: Attackers will actively hunt new vulnerabilities
2021 saw an all-time high in the number of zero-day exploits, and we are expecting another record breaking year in 2022.
Zero day and unpatched vulnerabilities offer several opportunities for cyber criminals. Successful attacks such as the Hafnium attack against seven Microsoft Exchange vulnerabilities (four of which were zero days) has shown the riches on offer for attackers who mobilise quickly to discover and exploit new bugs. We expect cyber criminals to reduce the time it takes them to exploit vulnerabilities down to days or even hours.
Vendors will have to work quickly to produce patches, and organisations may need to up their patching game. Once a patch is released attackers can analyse the patch to gain knowledge of where to attack. Most organisations take weeks or months to apply patches, and the longer the patch gap, the more opportunity for cyber criminals who will actively hunt for unpatched vulnerabilities. The race will truly be on to patch as quickly (and responsibly) as possible.
Spare a penny? Digital wallets are at the forefront
As adoption of digital wallets grows, they are increasingly attractive targets for cyber attackers. Where banks and other financial institutions have improved their security features, digital wallets are seen as the weakest link.
Our cybersecurity predictions for 2022 suggest that digital wallets will become the front line. Criminal actors will actively target digital wallet holders with phishing and social engineering attacks and malware to gain access to stored crypto wallet credentials in order to drain accounts.
For digital wallet developers, the challenge in 2022 will be to continue to develop wallets that are able to withstand direct attack. They will also need to develop authentication and transfer methods that will help users stay secure, for example by using multi factor authentication based on biometric identification.
Go big or go home: The new cybersecurity cold war
In 2021, the attacks got bigger, and the response became harder. Following the attack on Colonial Pipeline, the US government publicly denounced Russian state support for cyber criminals, and declared that they would fight back. At the same time, the US government tightened their response against US organisations who pay ransoms following an attack.
We predict that this cat and mouse pattern will become more prominent in 2022. State sponsored attacks will continue against significant targets, governments and agencies from the US and her allies will continue to fight against those states, and organisations of all shapes and sizes will get caught in the middle.
Not just up in the sky: Cloud security is real
As organisations undergo digital transformation, they are increasingly adopting cloud technologies. As a result, cloud and SaaS vendors are ever more important for the daily operations of millions of organisations around the world.
Cloud and SaaS vendors make attractive supply chain targets. For example, by disrupting the availability of a cloud provider, attackers can cause downtime for all the organisations who rely on them. By gaining access to a SaaS provider’s systems, attackers can (and have) spread ransomware throughout their entire supply chain.
We expect attacks against cloud vendors and SaaS providers to increase in scope and ferocity during 2022. Supply chain attacks will become more sophisticated and grow in scope. Expect more lateral movement attacks which will aim to exploit misconfigured enterprise APIs, and take advantage of integrations between SaaS products to move through the entire ecosystem, and even link supply chains together.
As a result organisations at the end of the supply chain will need to take their own responsibility for their own network architecture and cloud security configurations.
The machines are taking over: The machine learning game is changing
Machine learning is fast becoming a game changer in cybersecurity. An ever increasing number of SaaS products use machine learning or AI to recognise patterns and strengthen their products. This includes security vendors who use machine learning in their products.
Our cybersecurity predictions for 2022 bring bad news for vendors and customers who use machine learning – we predict that cyber criminals will begin to develop ways to attack machine learning systems.
Cyber criminals may find ways to tamper with the machine learning cores on security systems, training them to ignore certain types of attack or activity. We expect that attackers will also look for loopholes to evade the machine learning tools entirely.
The lesson for organisations everywhere is to keep a human eye over the machines to ensure that you can discover attacks before it is too late.
Fighting back: Taking on the challenge of staying safe
Organisations are fighting back, and we have several predictions for 2022.
Back to basics: Ensure your security is effective
Even in this era of constantly evolving threats, an effective cybersecurity programme that applies all the principles of days gone by – patching vulnerabilities, strict access controls, hardened servers, network security, and more will help organisations stay safe from attack.
Trust nobody: Zero trust is here
Zero trust is the principle of trusting nothing. In practical terms, users, devices, and systems are required to undergo verification every time they access the network. In zero trust the network itself is aggressively segregated, lateral movement is restricted, users are given granular access rights, and the principle of least privilege rules supreme. We predict that zero trust will be a priority for regulators, users, and organisations alike in 2022.
Who are you? Expect changes to authentication mechanisms
Authentication mechanisms are the weakest link for many organisations and users alike. We predict that authentication will see some major updates in 2022: wider use of multi factor authentication (MFA), through authenticator apps, Windows Hello, or SSO solutions; the introduction of 3FA or more; users will be encouraged to use more biometrics; and could 2022 see the end of passwords?
Cybersecurity predictions for 2022: Good luck to us all!
If the last few years have been anything to go by, 2022 promises to be unprecedented and full of new twists on old attacks. Our cybersecurity predictions for 2022 are just the tip of the iceberg, so hold on tight, and good luck.