Along with the beginning of the crisis created by Covid-19, a global cyber pandemic was unleashed. Given the complexity of threats and the increase in attacks on companies, it is important to adopt practices that seek a type of immunity to manage, resist, and then be able to respond to attacks or interruptions.
“We are going through a series of threats with cyber-pandemic characteristics, with more sophisticated attacks worldwide; so companies must pay special attention to protecting themselves against risks, defending and limiting the severity of attacks. For this reason, within the framework of the International Day of Information Security, which will take place on November 30th, we want to highlight the main trends and challenges that companies will face in 2022”, says Ángel Salazar, general manager of Soluciones Seguras Guatemala.
The global impact that this pandemic has had is represented by the 40% increase in weekly attacks on organizations in 2021, compared to 2020. Mainly, in Latin America social engineering techniques were used, increasing the attack surface; with main attention to corporate devices, the so-called BYOD (Bring Your Own Device) or the unsecured internet connections used by some remote employees.
This is why companies, like all countries, are seeking immunity that allows them to face attacks and, according to the predictions made by experts from Check Point, a partner of Secure Solutions, the risks that companies will face worldwide during 2022 are also related to malware, privacy, and cyber-conflicts.
Among the main predictions are:
• Fake News and disinformation campaigns are back- Misinformation campaigns about COVID-19 and vaccines were identified during 2021. In 2022 this trend will continue, with groups of cybercriminals taking advantage of this type of campaign to deploy phishing attacks and scams.
• Attacks on supply chains- Attacks on supply chains will be on the rise, so governments will need to establish regulations to address these disruptions and protect networks. It is also estimated that they will seek to collaborate with the private sector, as well as other countries, to identify and target more threat groups operating on a global and regional scale.
• The Cyber “Cold War” intensifies- The improvement of infrastructures and technological capabilities will allow terrorist groups or political groups to launch and carry out more sophisticated or far-reaching attacks. These cyber-attacks will increasingly be used as indirect conflicts to destabilize activities or economies globally.
• Data breaches will be more expensive and on a larger scale- Starting in 2022, we will see an increase in data breaches, with greater frequency and scale. Such leaks will tend to be more expensive and more difficult for businesses and governments to recover. The ransoms demanded by the attackers are expected to increase in 2022.
• Attacks on mobile devices are on the rise- As more people use their devices as digital wallets and payment platforms, malware attacks on them will increase and cybercriminals will evolve their techniques to exploit the growing dependence on mobile devices.
• Cryptocurrencies become focal point for global cyber-attacks- When money is turned purely into software, the cybersecurity needed to protect against hackers stealing and manipulating bitcoins will change unexpectedly. In 2022, it is expected to see an increase in attacks related to cryptocurrency wallets or users.
• Cybercriminals will exploit vulnerabilities in microservices- Due to the microservices architecture adopted by cloud service providers (CSPs), cybercriminals are expected to use vulnerabilities to launch large-scale attacks.
• Attackers will use deepfake technology as a weapon- Fake video or audio techniques are now advanced enough to be used to create targeted content that manipulates sentiment, stock prices, or worse. As in the case of other mobile attacks that are based on social engineering, the results of a phishing attack can range from fraud to the most advanced espionage. These attackers will use these types of deepfake social engineering methods to obtain permissions and access confidential data of companies, people, etc.
• Penetration tools will continue to grow-Globally in 2021, every week, 1 out of 61 organizations was affected by ransomware. It will continue to grow, despite efforts by some governments to limit this growth. Criminals will target companies that can pay a ransom, and ransomware attacks will become more sophisticated in 2022.
“The sophistication and scale of cyber-attacks will continue to increase. To stay ahead of threats, organizations must be proactive and not leave any part of their assets unprotected, or they run the risk of becoming the next victim of complex attacks”, says Francisco Robayo, Latin America Engineering Leader at Check Point.