At the start of 2022, many businesses will be breached
As organizations worldwide slow down for the holidays as well as find themselves in work environment transitions – with many returning to pre-pandemic in-office models and others extending their hybrid workforce – distractions will create opportunity for cybercriminals to infiltrate networks without raising suspicions. Well into 2022 we will see breach disclosures and cyberattacks with initial compromise tracking back to early in the year.
One business’s ransomware attack, will become another business’s extortion
Ransomware attacks will become more relentless in their quest to scale up revenue and do so fast. In 2022 we will start seeing more and more triple extortion ransomware, whereby a ransomware attack experienced by one business, becomes an extortion threat for its business partner. Ransomware attackers won’t stop at extorting the victim organization for ransom, they will extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption.
Supply chain attacks will become a top boardroom concern
In 2021 the world felt the brunt of supply chain bottlenecks due to COVID-19 restrictions, and recognizing this, cybercriminals will seek to capitalize on our heavy reliance on supply chains — both on a consumer and enterprise level. Supply chains have many blind spots or cracks that attackers can take advantage. Ransomware attacks will be a threat not only to companies as individual entities but to their supply chains as a whole, making these types of attacks a top concern for the Board.
Blockchain will become a cybercrime hideout
With enterprises and consumers increasingly relying on blockchain for their supply chain management and digital transactions, we’ll begin to see attackers too turn to its legitimate use to stay under the radar for longer. In 2022, we’ll see blockchain become a more common “tool” used by cybercriminals to obfuscate their malicious traffic, avoid detection and extend attacker’s stealth. This will make it increasingly harder for defenders to discern malicious activity on the network.
Zero Tolerance for Trust Will Redefine the State of Security
More and more businesses are realizing that to build customer trust they must establish zero tolerance for trust in their security strategy. In 2022 we will start to see government and private industry scrutinize their trusted relationships more, and re-evaluate the “who, what, why” regarding access to their data. Not only will will start seeing more “auditing’ of user access, but application access to data as well.
Predictions for cybersecurity in 2022 by Charles Henderson, Head of IBM X-Force, Nick Rossmann, Global Threat Intelligence Lead, IBM X-Force, and Laurance Dine, Global Partner, IBM X-Force Incident Response.