CISOs will not be able to take a break in 2022. What has undoubtedly become the most “stressful” ICT profession is going to need to be bolstered with more budget and renewed energy. And is that as they point out from Check Point in their report on cybersecurity trends for next year, what we have seen in 2021 is just an appetizer of what we can face in a few months.
With increasingly sophisticated tools and the ransomware As the main weapon, cybercriminals will continue to increase their pressure on companies, demanding higher ransoms, but also on public institutions, in a cyber cold war that increasingly resembles a real war. This is, according to CheckPoint experts, what awaits us.
Attacks on the supply chain grow
Cyberattacks have stopped focusing on the company as an individual and isolated “entity”, to move and replicate throughout its entire supply chain, which includes partners, suppliers and customers of the same.
As the number of attacks and security breaches experienced by companies grows in 2022, so will the number of attacks that infect the entire chain. According to CheckPoint experts, this can lead governments to develop stricter legal frameworks, with which to protect the most vulnerable networks.
In this sense, a greater collaboration between public administrations and the private sector is expected, to identify cybercriminal groups earlier and thus be able to combat them more effectively.
The ‘Cold War’ intensifies
The scenario of “cyber war” that the Western world has been facing for years with countries such as North Korea, Russia and Iran, has been joined in the last two years by a less and less cold war between China, the United States and some of their countries. allies.
It is expected that hacker groups sponsored by all kinds of governments will increase their “hostile” activity in 2022, putting critical infrastructures in their sights, such as power plants, oil and gas pipelines, or water purification plants.
More security gaps
If ransomware has become the biggest security problem this year, in 2022 the trend is set to become even more pronounced. As security breaches multiply, organizations and governments will be forced to invest more money to recover from these types of attacks, either to pay ransoms or in disaster recovery.
In 2021, misinformation and “fake news” surrounding the coronavirus pandemic and the effectiveness of vaccines have spread like wildfire through social media and other media.
As a consequence, on the “dark web” and on platforms such as Telegram, illegal businesses have proliferated from which false vaccination certificates or COVID certificates that hide malware inside..
Of course, in 2022 this type of misinformation will continue to play a fundamental role in all kinds of attacks by phishing and scams, not to mention the more than foreseeable role they will play in future elections, such as the mid-term to be held in the United States.
Until not too long ago, it was not excessively difficult to distinguish a deep fake from a real image. This is no longer the case. Both video and audio tools have become more sophisticated and advanced.
Cybercriminals have already successfully demonstrated in 2021 that they are capable of using this technology to steal money, manipulate a company’s stock market price, and influence people’s opinions on social media.
As an example, in CheckPoint they tell how in 2020 the attackers used this type of technology to impersonate the director of a Hong Kong bank, who in an alleged phone call tricked the director of one of the branches into transferring the attackers 35 millions of dollars.
More attacks on the world of cryptocurrencies
As cryptocurrencies become popular and are no longer a product reserved for early adopters, cybercriminals are going to do whatever they can to get hold of them.
We are not only going to see how in 2022 the attacks on the different exchangesInstead, imaginative methods of stealing wallets are going to become popular. From CheckPoint they warn, for example, about supposed free NFTs with which attackers can directly attack wallets that present certain security flaws.
Containers and microservices
Containers and microservices have become one of the most popular ways to develop applications in the cloud. And although containers are more secure than other forms of development, they are not invulnerable … so yes, cybercriminals have started to actively exploit their weakest elements and in 2022 they will continue to do so.
Mobility and hybrid enterprise
As companies have made it easier to work remotely, pressure from cybercriminals on teleworkers has also increased, especially in the form of attacks on mobile devices.
In 2021, nearly half of the organizations checked by Check Point had at least one employee who downloaded a malicious mobile app. With the increasing use of mobile wallets and mobile payment services, attackers will continue to exploit the dependency that almost everything we have on these terminals.
Defense tools, to attack
Although created to help organizations test their security defenses, penetration tools have been exploited by cybercriminals, helping them very effectively to launch more effective attacks.
By customizing these tools, hackers have been able to target victims with ransomware. As this tactic continues to catch on, we’ll see how they are used to carry out more data exfiltration and extortion attacks in 2022.