As we all get back into the swing of things after the festive period, it’s time to take a look at the evolution of the ransomware landscape in 2022. Security experts believe that the level of sophistication and scale of cyber attacks will continue to increase, causing record-breaking financial losses.
Dramatic Increase in Ransomware
Ransomware, for those who don’t know, is a type of malicious software designed to block access to a computer system until a sum of money is paid. Ransomware is a cyber security issue that isn’t going away anytime soon. It will become more aggressive and widespread, while cybercriminals behind major ransomware operations will attempt to extend their operations targeting mobile and IoT (Internet of Things) devices. Ransomware attacks increased 102% in the first half of 2021 compared to the first half of 2020, indicating that it is a growing security issue.
The extortion practice through ransomware will continue to grow, despite the efforts of government organisations and law enforcement agencies to curb this criminal phenomenon. Ransomware will likely become automated this year. Human operated ransomware will be the biggest cyber risk for organisations in 2022. Different from traditional commodity ransomware attacks, we’ll see more cybercriminals with a high level of offensive security knowledge gain access to organisations and survey the environment for an extended period before launching a potentially devastating attack on data and systems. The risk presented by human-operated ransomware will only increase. Additionally, automation will play a key part in the evolution of modern ransomware and malware attacks, with machine learning and artificial intelligence (AI) used to remove some of the mistakes that allow businesses to respond to current threats.
Ransomware gangs will continue to target large organisations that can afford to pay a ransom, but they will also benefit from penetration tools to carry out a dragnet offensive against SMEs (small to medium-sized enterprise, a company with no more than 500 employees). At the same time, financial services and healthcare organisations will experience a surge in ransomware attacks in the next months.
Attackers are using “triple extortion” ransomware techniques in which the attackers, in addition to stealing sensitive data and threatening to release it publicly unless a payment is made, also target the organisation’s customers, vendors, or business partners in the same way.
Advanced Phishing Tactics
Phishing can be defined as the fraudulent practise of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Attackers are evolving their strategies to make their attacks appear more authentic. Instead of relying on the usual tactics, attackers will develop their approach to leverage more customised and personalised attacks. Phishing attempts may come in the form of job applications, requests for quotes or even spoofing an existing customer’s email. Phishing volumes have already surpassed levels seen in 2020, and in 2022 we’ll see a rise of update-themed phishing emails designed to trick remote employees into believing they are legitimate updates, as well as those used to tailgate employees into restricted areas under the guise of being a new employee hired during the lockdown.
Attacks on Remote and Hybrid Working
2022 will be the year of remote risk. With remote and hybrid working here to stay, Spire (and many other cyber security experts) expects to see a large increase in mobile malware attacks. Without the correct policies and procedures put in place, your business may be open to attackers. Cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices and remote working. Social engineering will remain the initial attack vector for deployments of malware, phishing, and ransomware, with an increase in Deepfake technology making attacks more technologically convincing in 2022. Attackers may use Denial of Service (DoS) attacks to overwhelm your organisational security and bring your organisation to a standstill (continuitycentral.com, Dec 2021).
With this rise of remote and hybrid working, zero trust will become critical in 2022. Lack of secure cloud configuration will continue to cause security breaches and organisations will seek to separate users and devices from data, applications, infrastructure, and networks, through the identify, authenticate, authorise, and audit model (IAAA). Extended detection and response (XDR) will also become the technology of choice for zero trust, enabling rapid detection and response of threats across endpoint, network, web and email, cloud and importantly identity.
Cyber Security Tips
- Keep your software updated.
- Enable anti-virus software such as ESET.
- Use strong passwords (and change them regularly).
- Back-up your data.
- Communicate with your colleagues about what phishing attempts look like and what to look out for when receiving a suspicious email.
Need some help with your cyber security or IT? Fill out the brief form in the top right of this page and one of our IT team will get in touch with you to provide you with some additional information.