The threats of ransomware will continue to grow until governments and technological innovations make significant changes to the cost-benefit calculations for attackers, as crime is simply too lucrative. Such attacks are also expected to increase in serious industries where it is imperative to pay cyber criminals to protect health and safety. New tactics are expected from attackers as they become more business savvy and expect counter-negotiation strategies.
In addition, ransomware-a-service operations have the expected increase in conflict between bad performers, which affects how victims and organizations think about paying ransom. U.S. The government has imposed sanctions on suspected dangerous artists in an attempt to curb ransomware attacks. However, this approach of preventing organizations from paying ransom money can lead to negative asylum for victims.
DeepFax is another threat that has been used to circumvent Business Email Compromise (BEC) fraud, multi-factor authentication (MFA) protocols and to know your customer (KYC) ID verification and will be increasingly used in 2022 and beyond. .
Leading nation-state actors from Russia, Iran, China and North Korea will maintain an aggressive stance to promote each of their regional interests. Russia’s operations will expand, targeting NATO, Eastern Europe, Afghanistan and the energy sector. Iran will use its cyber tools to target Israel and the Middle East in an attempt to change the balance of power in its interests. Using cyber espionage, China is ready to support the Belt and Road initiative and measure its performance. North Korea will improve its cyber capabilities and take risks despite its financial and geographical challenges.
As organizations rely on cloud and cloud-hosted third-party providers, they face increasing pressure from third parties to maintain availability and security. The growth of cloud adoption by 2022 will coincide with an increase in cloud compliance and abuse.
The outlook for 2022 threats looks serious as ransomware actors become more aggressive and adept at avoiding defenders’ tactics and negotiations. Attacks are likely to be more extensive and lucrative for cyber ransomware. While government agencies are considering downsizing the ransomware-a-a-service business, there could be negative consequences for organizations. The combined risks of ransomware, deepfax and offensive tactics from international nation-states can be daunting for organizations, but staying vigilant and focusing on cyber defense techniques can keep them safe.
What will the 2022 cybersecurity landscape look like – Download the full report from Mendient for a more in-depth and detailed understanding of everything from actors to threats.
This content was created by Mandiant. It was not written by the editorial staff of MIT Technology Review.