January 13, 2022
Over 50% of people are at least moderately concerned about cybersecurity threats and the impact they might have on their lives. And, when a person is concerned about something, it is only natural to try and find some predictions and analyses for what might happen in the future. Unfortunately, cybersecurity predictions are imprecise and involve a lot of educated guesswork, and this short overview is just that – educated guesswork. Nothing is certain in the highly adversarial world of digital security, so take these predictions with caution: there might always be a black swan lurking around the corner.
1. Ransomware Will Evolve
Recent years have shown how ransomware can have a severe impact on businesses and governmental organizations. While the malware itself might not change much, the way it is delivered to target organizations is evolving. Today, sophisticated ransomware attacks are likely to use company employees and infiltrators as malware delivery vectors. On top of these insider threats, ransomware can end up on company networks as a result of successful targeted phishing campaigns, where employees install the malware unintentionally.
2. Remote and Hybrid Work Arrangements Might Be Abused
Many workplaces are transforming into fully remote or hybrid work arrangements. As we’ve seen at the start of the pandemic, a significant increase in work devices on residential networks lures cybercriminals to attack these networks. Penetrating a home network with a rogue device or malicious remote access attempts is easier than attacking a properly managed enterprise network with advanced security systems in place. Hybrid work arrangements expand the attack surface with every new place the employees work from, especially if they use hotel networks or other poorly secured connections to work from anywhere.
3. Phishing and Fraud to Abuse Newer Platforms
Every internet user is familiar with email spam, but some might believe that newer messaging and social media platforms are somehow immune to the spread of malicious activities. There are both automated and personalized attacks happening over Slack, Discord, Twitch, Telegram, and TikTok, which might not be widespread enough to attract public notice. Every new communication platform is likely to become a channel for social engineering, especially due to its novelty: new platforms often do not experience the full extent of malicious abuse, making them a fertile ground for phishing attacks and fraud actors. Payment systems, especially crypto exchanges, are likely to remain major targets of fraud due to high liquidity and relatively low regulation.
4. Malware as a Service (MaaS)
Cybercriminals have formed an extensive ecosystem that includes malware development companies, dedicated marketplaces for specific exploits, customer service agents, and loyal clientele. This black market has followed the way of traditional software businesses, offering malware as a service to anyone interested in abusing some institution, company, or person. This includes botnets for rent that offer DDoS attacks as a service. MaaS has greatly expanded the number of people who are able to launch cyberattacks by lowering the barrier to entry for non-technical, criminally minded people. As seen with Pegasus and other attacks, governments are also using similar services to spy on opposition figures, activists, and journalists.
5. 5G and Critical Infrastructure in the Sights
5G is bringing a lot of industrial IoT devices online with direct wireless connectivity, and this is another expansion of the attack surface. The key to understanding threats to 5G networks is the infrastructure constraints and (the lack of) resilience against massive attacks. It is extremely likely we will see popular websites and services disrupted by IoT botnets, but we should also know that with the explosion of IoT devices these botnets might become large enough to disrupt massive telecommunications networks altogether. All it might take is for a large enough botnet to target a particular node, last-mile infrastructure or any other key area with bandwidth constraints. 5G might enable these attack vectors by providing enough throughput at the device level if sufficient upgrades are not made further down the line, at the core network level or in the inter-network peering infrastructure.