9 key security threats that organizations will face in 2022

Image: Shutterstock/Maxx-Studio

For 2021, cybercriminals took vantage of the coronavirus pandemic, the ongoing displacement to hybrid enactment and the vulnerability of organizations to ransomware. For 2022, we tin expect much of the aforesaid arsenic good arsenic a big of worsening threats to support america connected our toes. A report released Tuesday by cyber menace quality supplier Check Point looks astatine immoderate of the information challenges that organizations volition apt look adjacent year.

SEE: Incident effect policy (TechRepublic Premium)

Supply concatenation attacks volition proceed to grow. Cyberattacks nary longer conscionable interaction the targeted enactment but often person a ripple effect that harms partners, providers, customers and others on the proviso chain. For 2022, Check Point expects that inclination to escalate with much information breaches and malware infections. As proviso concatenation attacks go much common, however, governments volition commencement to devise regulations to amended support susceptible networks. Expect greater collaboration betwixt authorities officials and the backstage assemblage to place and combat much cybercriminal groups that run regionally and globally.

The cyber "cold war" volition ramp up. The cyber acold warfare among antithetic nations has been escalating, and that volition intensify adjacent year. More federation states and groups operating connected their behalf volition proceed to effort to destabilize rival countries and governments. Terrorist groups and activities volition instrumentality vantage of amended infrastructure and greater technological capabilities to motorboat much blase attacks.

Data breaches volition standard up. As information breaches standard up, organizations and governments volition beryllium forced to walk much wealth to retrieve from them, Check Point says. Following the grounds $40 cardinal ransom outgo paid by security elephantine CNA Financial this year, ransom demands are expected to proceed to summation adjacent year.

Misinformation campaigns volition flourish. In 2021, misinformation and "fake news" surrounding the coronavirus pandemic and the efficacy of vaccines dispersed done societal media and different venues. As 1 consequence, Dark Web cybercriminals turned a tidy nett by selling phony vaccine certificates to radical who refused to get vaccinated. In 2022, fake quality volition proceed to play a relation successful phishing campaigns and scams. Plus, expect to spot propaganda and misinformation successful beforehand of the US midterm elections successful an effort to power voters.

SEE: 27 ways to trim insider information threats (free PDF) (TechRepublic)

Deepfake exertion volition beryllium weaponized. The tools needed to make fake but convincing videos and audios person go much advanced. Cybercriminals volition progressively usage them to bargain money, manipulate banal prices and sway the opinions of radical via societal media, Check Point says. As 1 illustration from 2020, attackers utilized exertion to impersonate the dependable of a manager of a Hong Kong slope to instrumentality a slope manager into transferring $35 cardinal into their account.

Cryptocurrency volition play a greater relation successful attacks. As wealth becomes much digital, criminals volition progressively find innovative ways to bargain it. Following reports of stolen crypto wallets triggered by escaped airdropped NFTs, Check Point discovered that attackers could bargain specified wallets by exploiting information flaws. Expect much cryptocurrency-related attacks successful 2022.

Criminals volition exploit vulnerabilities successful microservices. Microservices person go a much communal method for exertion improvement and 1 supported by a greater fig of unreality work providers (CSPs). But arsenic with immoderate fashionable trend, cybercriminals are taking vantage of vulnerabilities recovered successful microservices to motorboat attacks. For 2022, expect much of these attacks targeting CSPs.

Mobile malware attacks volition increase. As organizations shifted to distant and hybrid enactment successful 2020 and 2021, criminals progressively turned to mobile malware arsenic an onslaught vector. In 2021, astir fractional of each organizations reviewed by Check Point had at slightest 1 worker who downloaded a malicious mobile app. With the increasing usage of mobile wallets and mobile outgo services, attackers volition proceed to exploit the reliance connected mobile devices.

Penetration tools volition proceed to beryllium utilized successful attacks. Though created to assistance organizations trial their information defenses, penetration tools person been exploited by cybercriminals to assistance them motorboat much effectual attacks. By customizing specified tools, hackers person been capable to people victims with ransomware. As this maneuver continues to drawback on, we'll spot them utilized to transportation retired much information exfiltration and extortion attacks successful 2022.

"In 2021, cyber criminals adapted their onslaught strategy to exploit vaccination mandates, elections and the displacement to hybrid working, to people organizations' proviso chains and networks to execute maximum disruption," Check Point Software probe VP Maya Horowitz said successful a blog post.

"Looking ahead, organizations should stay alert of the risks and guarantee that they person the due solutions successful spot to prevent, without disrupting the mean concern flow, the bulk of attacks, including the astir precocious ones," Horowitz added. "To enactment up of threats, organizations indispensable beryllium proactive and permission nary portion of their onslaught aboveground unprotected oregon unmonitored, oregon they hazard becoming the adjacent unfortunate of sophisticated, targeted attacks."

Also see

• Cybersecurity: Don't blasted employees—make them consciousness similar portion of the solution (TechRepublic)
• The information and privateness down IBM's Digital Health Pass (TechRepublic)
• How to go a cybersecurity pro: A cheat sheet (TechRepublic)
• Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
• Checklist: Securing integer information (TechRepublic Premium)
• Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)