What Are The Main Threats To Corporate Cybersecurity In 2022
The digitalization of companies and administration, remote work and hybrid environments, a greater use of IoT (Internet of Things) devices, the dependence on mobile devices and the 24/7 connection to the Internet or the use of more digital services, are some of the elements that will mean that by 2022 the cybersecurity threats not only continue to occur but also increase in number and intensity.
Although no one will be completely safe from threats to computer security (unless one decides to completely disconnect from the Internet), it is the companies and public administrations that are most exposed to this type of attack and those that will suffer the most from its consequences. economic and reputational.
Supply Chain Attacks
In 2021 we have already seen some of the most notorious supply chain attacks, such as those suffered. The danger of these attacks lies in the fact that they not only affect the service provider company, but also those that depend on them, thus spreading the attack throughout the chain and affecting countless companies, public entities, and individuals.
These attacks, sophisticated and with the potential to cause serious damage to countless victims, could lead (or should) governments to create much stricter and more demanding regulatory frameworks with the security measures of companies, to protect vulnerable networks and avoid failure or interruption of essential services.
Digitization, especially that which had to be done quickly and urgently when lockdowns were imposed by Covid-19 and the need to telework to continue operating, have increased to security breaches. This leads companies and administrations to have to invest more money not only in preventing these breaches but also in recovery protocols, including the need to pay a ransom if they have been victims of ransomware and face possible administrative sanctions.
Speaking of ransomware attacks, they have already featured in many of the news about computer attacks during 2021 and the trend, according to experts, is that this type of attack continues to increase. They have become a lucrative source of income for various groups of cybercriminals since they not only get money in exchange for unlocking encrypted systems but also for not publishing the information that they have managed to exfiltrate during the attack processor for selling it on the internet. dark web.
In addition, ransomware has become one of the products offered on the dark web as MaaS (malware as a service or malware as a service), which means that cybercriminals with less technical knowledge can also use this type of attack.
Cyber Cold War
Tensions seem to grow between different countries in the international arena and this is also reflected in the digital plane; the so-called “cyber cold war” seems to be intensifying at the same time and that leads experts, by 2022, to predict that there will be an increase in cyber attacks sponsored by some States to damage key or critical infrastructure of other governments, such as gas pipelines, pipelines, and power plants.
Fake news (false news or disinformation) is not exactly a cybersecurity threat, but cybercriminals do take advantage of it to carry out other types of attacks, especially phishing and other scams related to the theft of data credentials. An example of this is the disinformation surrounding Covid-19 and vaccines and the sale of false Covid or vaccination certificates on the dark web, some of them accompanied by malware to be installed on the devices of their buyers.
Deepfakes, thanks to the development of the technology that makes them possible, are increasingly sophisticated and difficult to detect, which means that cyberattacks based on them are going to become more common. We already have examples of this in 2021, with company workers who were deceived by a telephone deep fake, in which the cybercriminal, using the voice of a manager or superior, pretended to be that person to request money transfers. Deep fakes also have the potential to influence people through social media by damaging the image and reputation of their victims.
Cryptocurrencies and other types of crypto assets, such as NFTs, are becoming more and more popular and reaching more people, who decide to invest in them. This has caused cybercriminals to also focus on them and design attacks to steal crypto assets from exchanges and user wallets. One of these attacks is carried out using free NFTs that are used as an entry vector to steal users’ wallets by taking advantage of security flaws or vulnerabilities.
Vulnerabilities, especially those present in containers and cloud services, are another target for cybersecurity threats in 2022 since more and more companies and public entities depend on so-called cloud services and, many times, these are left out of control. organization’s information security strategy. Cybercriminals know this and have started attacking and exploiting the vulnerabilities that these sites and services may present.
Hybrid Environments And Mobility
Remote work, both in its full format and in its hybrid format, has brought with it new weak points, especially related to attacks on remote desktop applications and mobile devices, so this trend is expected to continue to rise by 2022. In this case, the weak point is the employee who does not apply or does not follow the instructions and security measures implemented by the company and can leave the door open to all kinds of attacks whose objective is to penetrate the company’s internal network to achieve their targets, often related to ransomware attacks or exfiltration of sensitive information.
Malicious Use Of Defense Tools
Defense tools were designed to test an entity’s cybersecurity measures, however, cybercriminals also exploit them to their advantage and use them to launch much more efficient cyberattacks. It is a trend that has been increasing throughout 2021 and it seems that it will continue to grow in 2022 since it allows you to customize these tools to penetrate the defenses of entities “more easily”. As in other threats that we have seen throughout this article, they are mainly used to launch ransomware attacks and exfiltrate data.