Last year, the global pandemic affected all walks of life and significantly increased our online time. It was also the year where cyber threats grew in volume and degree of complexity catching businesses off guard.
For this reason, we decided to write last year’s cybersecurity landscape overview and use it to predict what could be waiting for us in 2022. We cover:
The most significant data breaches
The most vulnerable industries
Frequent forms of cyberattack
Predictions for this year
1. 75% of targeted cyberattacks against enterprises start with an email. (Round Robin)
2. Roughly 1 in 4,200 sent emails is a phishing scam. (Symantec)
3. Over 64% of companies have at least 1,000+ sensitive files open to every employee. (Varonis)
4. In 86% of organizations, at least one user tried to connect to a phishing site. (Cisco)
5. 68% of CTOs agree that cybersecurity risks are increasing. (Accenture)
6. Ransomware attack response accounted for 79% of last year’s IT rapid response action. (Sophos)
7. 86% of data breaches were deliberate and motivated by financial gain. (Verizon)
8. Between 2005 and 2021, there have been 13,900 recorded breaches. (ID Theft Resource Center)
9. Remote work has increased the average data breach cost by $137,000 (IBM)
10. 60% of businesses targeted by a cyber attack go out of business within six months. (Cybersecurity Ventures)
Top 10 most significant data breaches of 2021
Data breaches of large magnitude were happening even before the pandemic hit. Still, we saw cases among the most significant data breaches of the 21st century this year—not to mention that 2021’s data breaches toppled 2020’s in only six months.
For companies, this also means a legal liability, especially if the leaked data ends up causing damage to their customers. Regulations like California Consumer Privacy Act (CCPA) in the US and General Data Protection Regulation (GDPR) in the EU protect the customer’s data and enforce it with severe fines.
Therefore, major data breaches are a cybersecurity risk and a legal one. Class-action lawsuits are issued. Though, almost always, the enterprises agree to settlement as hardly any company facing a data breach scandal would be willing to try its luck in the court of law. Aside from the significant payouts from settlement fines for data mismanagement, it also leaves a permanent black spot on the company’s record, which may deter new potential clients and cost reputational damage.
10. Neiman Marcus Group
Area served: United States
Affected users: 4,600,000
Luxury goods retailer Neiman Marcus was one of the biggest high-profile targets for a data breach last year. In September, they disclosed a leak due to unauthorized access in their internal network, affecting approximately 4.6 million users. Their names, addresses, credit card information, and gift card numbers quickly became public information. However, this incident didn’t affect other brands in its corporate umbrella, like Horchow and Bergdorf Goodman.
Most importantly, this year, it was the most significant data breach that revealed clients’ financial information. Most users froze affected payment cards, but it’s unclear how many people lost money due to this leak. Sadly, this isn’t the first time for the Marcus Neiman Group. In 2013, they paid $1.6 million as a settlement of the previous data breach.
Industry: Video livestreaming
Area served: Worldwide
Affected users: potentially 5,000,000
Amazon’s own video game streaming service suffered a crushing blow. Not only almost 5 million of their business records were leaked, but the breach also included their entire source code. Meaning hackers can better understand how the platform is built and meticulously examine every line of code to look for vulnerabilities. It gives them an upper hand when planning an attack.
The cherry on top was creators’ payout reports leak detailing just how many top Twitch streamers earn. Some of them even confirmed that the published data is accurate. The 125 GB data dump also included software developments kits, internal Amazon Web Services, and other tools. The motivation for the hacking came as a response to Twitch allowing toxic community practices.
Industry: Financial services
Area served: Worldwide
Affected users: 7,000,000
Last year, the online stock trading platform Robinhood disclosed that their employee was a social engineering attack victim, allowing the perpetrator to obtain customers’ names and email addresses. Meanwhile, some users revealed more extensive data, including birth dates, full names, and ZIP codes.
After making a copy of the database, the hacker asked for extortion payment, but instead, Robinhood notified law enforcement agencies. While it wasn’t lax security that got Robinhood in trouble, it was the human element. While no payment information ended up in darknet marketplaces, the customer data will facilitate further targeted attacks against those on this dataset.
Area served: United States
Affected users: 7,000,000
For this data breach, men’s clothing retailer Bonobos have only themselves to blame. They accidentally leaked the backup of their database themselves with no internal systems suffering a breach. They backed up a copy on an external cloud environment, which someone eventually found on the internet. Then, the data was downloaded without any password or encryption and then sold in a hacker forum.
The leaked database is a 70 GB SQL file containing customers’ addresses, phone numbers, partial credit card numbers, password histories, and order information. After learning about the accident, the first thing that the company did was invalidate the passwords and close off access points. Plus, since no security system was compromised, the only thing that they’ll have to learn in the future is data protection and governance.
Area served: Worldwide
Affected users: 9,000,000
Fitness app Jefit also suffered a data breach spilling over 9 million users' information. The dump was posted in the hacking forums and distributed among its community members. The affected users received direct emails asking to change their passwords to prevent further damage. The leaked information included Jefit account usernames, associated email addresses, encrypted passwords, IP addresses, but no financial data. Jefit relies on third-party vendors for that, so they didn’t have access to it.
Other Jefit systems weren’t affected, making this incident somewhat isolated. The main culprit was a bug in their security systems which meant that hackers could access the internal network without authorization. Jefit has since announced that they have patched up a bug and taken measures to strengthen its network against similar attacks in the future.
Industry: Web services
Area served: Worldwide
Affected users: 15,000,000
A web host and domain registrar, Epik, came under fire for providing services to right-wing websites like Gab, Parler, and 8chan. Epik handled domain names reservation and the assignment of the IP addresses to them. What soon followed was a data breach by a hacktivist supergroup Anonymous. The data dump amounted to 180 GB of company data, including 15,003,961 email addresses, customer payment histories, domain purchases, transfers, and passwords. It even had a hidden cache of the company’s internal webserver addresses and customer records.
Anonymous didn’t reveal how they obtained the data or when the hack occurred. However, there are reports that Epik knew of their critical security flaw months before, as proved by a LinkedIn message to their CEO. Yet, after seeing the message, the CEO failed to respond or take adequate action to protect its customer data. They have since fixed the critical security vulnerability, according to reports.
Area served: United States
Affected users: 21,000,000
ParkMobile, a mobile app popular in North America that allows users to pay for parking without cash, reported that they also suffered a data breach that affected their users’ personal information. They had their database leaked in a Russian cybercrime forum that included examples from the dump and the entire database up for grabs. Each user entry from the data set has lines like license plates, email addresses, and phone numbers, but thankfully no sensitive payment information.
The breach happened due to the vulnerability in third-party software that ParkMobile was using. While its ParkMobile breach doesn’t seem that impactful, its scope is troubling. It provides plenty of material for hackers to work with when targeting US citizens.
Area served: Europe, United States
Affected users: 45,000,000
Telecommunications service T-Mobile announced that hackers compromised their systems, stealing the data of almost 50 million current and former users, including sensitive private information like names, addresses, Social Security numbers, PINs, and associated IMEIs and IMSIs. However, credit cards and other payment data remained secure.
Due to the negligence to protect millions of their users’ data, T-Mobile faces multiple class-action lawsuits. Especially problematic is that they still haven’t revealed how the hacker managed to gain unauthorized access to their systems. The responsibility for the hack falls on John Binns, a 21-year-old American, who publicly criticized T-Mobile’s security and performed the hack to get attention.
Area served: Worldwide
Affected users: 126,000,000
Sales and marketing software vendor OneMoreLead, specializing in B2B databases for lead generation, accidentally leaked their main one online. The 34 GB data dump contained 126 million records, including home and work addresses, phone numbers, and full names. Especially troubling is that they did so without the user’s consent.
The company began operating in 2020, so it’s unlikely that they scraped all the data themselves in just a year. Some profiles are incomplete and have a lot of missing fields, indicating that the data came from several sources to fill out the gaps. Regardless, even these bits and pieces can be used for social engineering and weaponize other hacking attempts.
1. Facebook, Instagram, and LinkedIn via Socialarks
Industry: Social networking services
Area served: Worldwide
Affected users: 214,000,000
The cause of this data breach was an unprotected ElasticSearch database owned by a Chinese social media management company SocialArks. The company engaged in social media scraping by collecting data from Facebook, Instagram, and LinkedIn without the user’s consent.
The method of obtaining the data is still unclear, but the data leak occurred due to the misconfiguration in the hosting server. This tiny error made the database directly available for anyone to download as it had neither password authentication nor was it encrypted.
The data contained private phone numbers, email addresses, comments, hashtags, etc. It also included whatever activity a user did on these mentioned websites. The data could be cross-referenced, creating a highly detailed picture for targeted attacks and identity theft attempts.
Most targeted industries in 2021
Suppose your business uses electronic devices or a computer with an internet connection. In that case, it’s susceptible to a cyberattack—every imaginable industry and enterprise type is a potential candidate for a subsequent data breach.
However, it’s worth noting that while the risk is real for everyone, some industries have more cyberattacks directed at them. At the same time, different industries have different risk models and different capabilities to protect themselves against them.
To better understand how it shapes the cyber landscape, we based our research on two key metrics: the average cybersecurity spending as a percentage of revenue and last year’s frequency of attacks. This allowed us to construct a cybersecurity heat map that shows which industries are the most targeted and the most vulnerable. Where possible, we also added how big ransomware demands for particular sectors were.
10. Non-governmental organizations
Average cybersecurity spending: 0.65% [source]
In many aspects, non-governmental organizations are prime targets for cybercriminals. Their limited resources mean that cybersecurity spending will be one of the last things they will tick off the list. Consequently, this also leaves plenty of gaps in the network infrastructure for cybercriminals to exploit.
Their donation-based business model isn’t helping in this case, either, as nonprofits usually have some acquirable financial data. Their fundraising portals frequently lack adequate protection, which can be a perfect target for web defacement. That way, hijackers could misdirect incoming donations to themselves.
Such damage can permanently harm an NGO’s reputation and ruin relationships with government bodies, making it even harder to secure future funding. The disruptions to their project’s fulfillment and even possible termination are real risks.
9. IT & tech
Average cybersecurity spending: 25%
The IT and technology sector is on every hacker’s hit list, but the problem is that it’s one of the sectors best prepared against the attacks. This industry makes a living by solving various IT puzzles so they’re in a somewhat more favorable spot.
Despite this, hackers consistently target them to steal financial or technical information. In cases when their motivations aren’t for financial gain, let’s not forget that hacktivists target some of these companies. Frequently, they believe that they’re in the right, so their hacking attempts are morally justified.
Often, these companies are early adopters of technologies that haven’t reached proper maturity. It means that hackers have better chances of catching them unprepared by exploiting zero-day vulnerabilities. Most tech companies thus implement bug bounties to mitigate potential risks.
Average cybersecurity spending: 5%
While professional services companies aren’t exactly sitting on a mountain of cash, they have something even better to steal — information. Consulting enterprises have access to sensitive client data that they’re obligated to keep confidential. The same consulting agencies often have unrestricted access to internal company networks, which could be a great gateway. Breaching one company and getting direct access to all of their clients it’s too good a deal to pass.
In addition, consulting agencies are usually small to medium-sized businesses themselves. As usual, cybersecurity for them is an afterthought, of which most hackers are aware and actively take advantage.
7. Financial services
Average cybersecurity spending: 15%
If you’re grading industries according to what payouts you could reap if you’re successful, financial services are the one industry to pick. They are exceptionally wealthy, but they are also overseeing a lot of customer data. Increasing digitalization and convenience for their customers means deploying new features and services. Hackers are just patiently waiting for them to make a slip.
With the dawn of remote working, the attack surfaces increased a lot, which meant that previously invincible security systems had begun to show cracks. Unsecure remote third-party providers can become weak points to initiate breaches.
The financial sector is experiencing 46% of all online web attacks targeted at service disruption. However, constantly being under the knife forced the industry to treat cybersecurity with the respect that it deserves. These enterprises take all the possible precautions to stay safe.
6. Small businesses
Average cybersecurity spending: 8%
Average requested ransom: ~$5,900 (source)
Small businesses offer good payouts for hackers, and their infrastructure doesn’t provide too much resistance cybersecurity-wise. It’s a perfect opportunity to get rich by reselling the obtained data or locking behind it with ransomware. Plus, it doesn’t require many hackers’ time or competencies.
Business owners believe they won’t get in trouble because they consider their company too small to attract attention. Few of them have a dedicated IT team, which means mitigation and response will likely only come after an attack. Their small size also means that recovery for such enterprises is much more difficult, if not impossible.
Average cybersecurity spending: 6%
Average requested ransom: $10,000-$50,000 (source)
Municipal utilities represent the infrastructure of critical importance, which means that restoring their regular operation is a national interest. A successful cyberattack puts hackers in an unfair advantage to negotiate with their victims, as sometimes it’s much cheaper to pay the ransom than to halt critical infrastructure operations.
Most utility companies have also adopted modern technologies to remotely manage their services. Modest cybersecurity budgets combined with a large attack surface are a recipe for disaster. In India alone, the power sector experiences 30 cyber attacks each day.
Average cybersecurity spending: 20%
Average requested ransom: $1,600-$14 million (source)
It took a while before most healthcare enterprises fully moved to the cloud. Most organizations are only starting with the new hybrid environments, which means there are many oversights that hackers could find and exploit. In contrast, some healthcare organizations still keep their medical records on-premise without any backup, which is a great target.
Another factor to consider is that patient records fall to the most sensitive pieces of information that you could find. As a hacker, you can make backups of it, lock the files out with ransomware, and sell it on the back market or blackmail the victims after getting paid. Patient health records have sold for as much as $363 on the darknet markets, which makes them more valuable than any piece of information from other industries.
3. Managed service providers & communications
Average cybersecurity spending: 9%
Telecommunications service providers are natural targets because they manage critical pieces of infrastructure used to move data. In other words, a successful cyberattack on a telecommunications provider could disrupt the whole network, shutting off communication channels.
Managed services providers are in the same boat, meaning that successfully breaching them means a much larger scale of disruption and potential gateways in every client’s network.
It could provide the whole infrastructure into a hacker’s playing ground when breached. So, pushing updates to their pool of clients becomes an option. Internet service providers are also top targets for DDoS attacks as the internet shutdown directly affects their users.
2. Government & military
Average cybersecurity spending: 5% [source]
Average requested ransom: exceeds $1 billion (source)
The government and military possess a lot of valuable data, and they’re heavily relying on various third-party contractors. A successful attack could be catastrophic and there are many routes to choose from to initiate it. Local governments also frequently neglect cybersecurity as they have essential expenses to consider elsewhere.
Potentially valuable information and the fact that it’s tough to protect government networks large in scope means they are one of the top hacking targets. Some countries have the honor to be considered worldwide targets. I.e., the United States government is the number one pick for targeted cyber attacks, with 38% of attacks against the government going there, followed by India (17%) and Japan (11%).
Average cybersecurity spending: 3.6% [source]
Average ransomware demand: $112,435 [source]
The education sector ranks last in cybersecurity preparedness based on the latest data. So if you took just about any university’s network, you’d likely notice countless unpatched operating systems with critical vulnerabilities. It’s been the case for several years. However, with recent malware types like ransomware, we’ve come to the point where the flaws have a very high price.
Furthermore, the education industry’s research departments deal with sensitive and valuable data. Their unsecured networks act as a honeypot for hackers, further increasing by their willingness to pay ransom to get their work files decrypted. Each successful attempt encourages others to follow up, further escalating the cycle. Despite these troubling findings, colleges are still reluctant to spend more on cybersecurity, which means that these tendencies are likely to stay.
Most common cyber attacks in 2021
Phishing is one of the most prominent cyber attack types that aim to trick its user into revealing sensitive information by posing as a legitimate institution. It’s mainly spread via genuine-looking emails that redirect unsuspecting victims to fake websites set up by hackers where the users use their actual credentials to log in. Since they see that the website looks similar, they don’t suspect something is wrong.
Once the hacker has the user’s credentials, it can take over its victim’s account, blackmail it, or sell the data in dark web marketplaces. It can also be a gateway into its network to cause even more damage.
According to CISCO’s 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing.
2. Network intrusion
Network intrusion loosely defines any unauthorized access to an online network. Once the hacker penetrates the network security, all exchanged data is up for grabs.
Some malware types, i.e., trojan horses, can create backdoors on the user’s device, giving unrestricted access to its network. Though, it’s worth noting that usually network intrusion frequently isn’t an end in itself. Hackers primarily use it to access sensitive data, which they are generally after.
3 Social engineering
Social engineering is a cyberattack that aims to exploit the human element and not necessarily the security systems. It mainly involves tricking people into revealing sensitive information under a false sense of security.
These attacks may go as far as hackers disguising themselves to be allowed to enter the enterprise on-premises or via a simple phone call. However, what remains common is the idea that it’s much easier to trick a person than to bypass a sound security system. Approximately around 33% of data breaches occurred because of social engineering.
Today, malware continues to evolve to escape detection and punch out a hole in security setups. There are many types of it, but it could be generalized as malicious code written to carry out specific tasks that a hacker wants.
There are many types of malware, but generally speaking, it aims to take over, use as a gateway, steal data, or disable the target’s machine. The average organization fielded attempts to be infected with malware 1,748 times in 2021.
Ransomware is a specific form of malware created to infect the affected machine’s storage. It encrypts the stored data locking it away, and asks for ransom in exchange for its decryption, hence its name.
Some ransomware types threaten to share their files publicly or risk file loss if the target fails to pay the ransom. The latter is especially concerning to businesses that rely on computer systems for many purposes.
These cyberattacks are incredibly lucrative for hackers as organizations often decide to pay the ransom, while there’s no guarantee that the hackers will hold their end of the bargain.
A denial-of-service attack (DoS attack) and distributed denial-of-service attack (DDoS attack) are cyberattacks that aim to disrupt the networks by flooding the servers or users’ routers with a barrage of requests to fill up their processing capacity blocking all subsequent requests. Usually, the main goal of an attacker is to make particular websites or services unreachable or to crash them permanently.
Frequently other methods are used to orchestrate a large-scale DDoS attack. Some malware types take over unsuspecting users’ devices in large scale, known as botnets. It’s possible to direct a large volume of requests to specific IP addresses using a botnet to overload them instantly. Darknet marketplaces now list DDoS attacks as one of the services that individuals who have no IT expertise can buy.
7. Credential stuffing
When a users’ emails and passwords get leaked in a data breach, credential stuffing is a method to try the same password and email combinations on unrelated sites. Since many people frequently use the same email/password pair for all of their accounts, it’s a relatively easy way for hackers to gain unauthorized access to their accounts.
Essentially, it’s a method to obtain a large volume of users’ accounts without dealing with network intrusion, malware, or breaching security systems. It’s another grave concern for businesses as there’s always a risk that their employees’ passwords might already be compromised and used to enter their work accounts.
8. Insider threats
Insider threats are cybersecurity risks associated with the organization’s staff. Rogue employees can cause harm by malicious intent or sheer negligence. In some cases, the hackers could bribe them to insert a flash drive to install backdoors or open particular ports.
However, in many regards, this can be considered a grey area. For example, while internal, someone could be regarded as an insider threat, it could also be considered a whistleblower in the public’s eyes. The significant distinction from social engineering is that while a social engineer merely pretends to have legitimate access, the insider has it access but uses it for malicious purposes.
9. Man-In-The-Middle attacks
The goal of Man-in-the-middle attacks is to eavesdrop or steal sensitive information. Though, most communication channels nowadays are adding at least some level of encryption to make such snooping attempts more difficult.
Such attacks are possible due to vulnerabilities in the expired SSL certificates used to secure connections on various websites. Using freemium VPNs, proxies, or public wifi is also something that could put your communication channel in the hands of your attacker.
10. Cloud jacking
Otherwise known as cloud hijacking, this method targets the data stored in the external cloud. Most modern enterprises are taking advantage of flexible scaling services like Salesforce or Microsoft Azure. Therefore, hackers look for poorly secured loopholes to steal the stored data.
Since most users don’t have many files locally, it makes much more sense to target the centers housing the data. Frequently, hackers take advantage of vulnerabilities in cloud providers’ management software or find default security configurations that they could easily crack.
How Can I Protect My Company from Cyber Attacks?
1. Cybersecurity training for employees
Knowledge about different types of cyberattacks makes it easier to identify them in real life. Most popular forms of cyberthreats follow fairly common patterns, so a trained employee won’t have a hard time telling apart a phishing email from a genuine one.
Cyberattacks are evolving daily, so regular training needs to reflect the enterprise’s risks—and proper responses to future attacks.
2. Secure your network & hardware
Hackers are gaining access by finding unpatched loopholes or other vulnerabilities. You should take every step you can to ensure that the attack surface is as little as possible, including every endpoint device.
Enforce a virtual private network’s use when accessing sensitive company documents to secure the exchanged data and seal off the network from the outside. Services like NordLayer provide secure network service edge services just for those cases.
3. Encrypt your data
When databases get breached, it doesn’t necessarily mean that the user databases with their emails and passwords are exposed. If an enterprise encrypts the passwords, you might hear about ‘hashing and salting’. Hashing means scrambling a password into a string of unintelligible characters, while salting adds additional elements before hashing to make it impossible to reverse-engineer.
The headliners of significant data breaches usually don’t use encryption at all. As a business manager, you should look into data encryption methods that apply in your business as it dramatically increases the security of your user data.
4. Use multi-factor authentication
Multi-factor authentication is a perfect way to stop credential stuffing attempts. Even if the hackers successfully pass the password check, it won’t be possible to log into the account without the second-factor authentication.
It’s a simple method to increase the account’s security, making it more difficult to breach. 2FA can stop many hacking attempts that otherwise would allow hackers to take over the accounts unchallenged.
5. Engage in active threat monitoring
In a business setting, network monitoring should be one of the first things to set up. Use tools to analyze network status to discover unusual patterns, which could signal an ongoing cyberattack. Stop it in its tracks and avoid the damage.
It’s also possible to set up using a VPN network, providing a network administrator with a complete view of the network. That way, even when the network extends beyond the office premises, it’s possible to oversee it and ensure safety.
6. Implement security policies
A golden rule states that employees should have access only to those files they need to fulfill their job roles. Any deviation from this is a potential hazard that could explode at any time, especially considering possibilities like insider threats.
Adequate security policies can limit the damage in the event of an attack. Even if the hacker wants to steal the data, only particular employees can access it, making the hacking attempt a fiasco and allowing the enterprise to stay safe.
7. Update used software
Keeping outdated software is an open invitation to hackers. Once they find a vulnerability, it becomes public information quickly, and every machine using unpatched software is at risk.
Businesses arguably have the most to lose because large organizations have a large pool of users who may postpone the updates due to them being a nuisance. Hackers are aware of this, so you shouldn’t leave yourself open. Forced updates are something that can come in very handy.
8. Conduct regular security audits
Knowing where to expect an attack makes it easier to develop a counterplan. But there’s no other way to find out these weak points other than hiring an external audit firm or cybersecurity consultant agency. Usually, they’re happily trying to breach your network and provide you with detailed reports on where you should improve—a much cheaper alternative than paying a ransom after a successful hacking attempt.
9. Enforce strong passwords
If a user is using ‘123456’ as his primary password for most of his accounts, it’s very likely that his behavior in the workplace won’t be any different. For that reason, you should add various length and complexity requirements for password complexity.
In other cases, sometimes, users only need some guidance. Password phrases could be just a memorable alternative that would also be secure. However, most people just haven’t got the slightest idea that it's an option.
10. Keep data backups
Keeping backup servers is a good countermeasure against ransomware. You could avoid spending money for ransom and just restore your data from backup. Don’t forget that a backup could also be infected, so try to develop a solution that ensures the optimal refresh interval for data updates.
On the other hand, make sure that your data backups are secure. Last year, numerous data breaches occurred because someone negligently left their backups unprotected in public cloud services, leaving them vulnerable to hackers.
Cybersecurity predictions 2022
1. Attacks against home networks
After covid pandemics working from home is now an option in numerous enterprises. However, this also means that hackers who previously had to find ways around intricate enterprise network systems can now do it by attacking consumer home routers.
New niches for attacks appear, directing them against home users to use it as a launchpad to enter a corporate network posing as a remote working employee. The first signs appeared in 2020, and now the trend is continually growing.
2. More cryptocurrency heists
With the war in Ukraine and SWIFT sanctions, many users will likely dip their toes into the cryptocurrency world, meaning an influx of inexperienced users. They could be easy prey for hackers.
Since cryptocurrency and NFT markets are steadily growing, it’s only natural that we’ll be seeing more of their heists.
3. Increased adoption of zero-trust
Cybersecurity-conscious companies will likely implement zero-trust policies to increase their overall security. It serves as a deterrent, and it strongly limits the hacker’s access capabilities once it’s inside. As the number of data breaches increases, we’ll likely see more examples of zero trust normalization across numerous industries.
4. Increase of ransomware attacks
A significant chunk of businesses is unprepared to deter ransomware attempts. The lack of overall network security means that ransomware should stay as the #1 most popular cyberattack type for the foreseeable future.
5. Cybersecurity workforce shortage means that plenty of enterprises won’t have sufficient protection
According to reports, business needs in the global cybersecurity market strongly outnumber available cybersecurity specialists. In other words, there aren’t enough of them to help every single business that needs their services, which puts them in an awkward position.
Enterprises should combat this shortage through training courses to protect their workforce.
6. Emerging tech vulnerabilities boom
Emerging technologies are closely related to new vulnerabilities that nosy individuals will find. Since 2022 is promising, plenty of innovations like 5G or open banking are now in the public domain, expect their hiccups and savvy individuals who will be exploiting every single opportunity for their gain.
7. Introduction of widespread cloud threats
You can make the case that hackers primarily target areas from which they could profit. So, likely, the place where you’re storing your data will be their priority. However, with more companies migrating to cloud infrastructure, their data is no longer on their network.
Therefore, it would only come as the following logical conclusion to escalate attempts to exploit cloud networks. We’ve been noticing how misconfigurations made them open to anyone, which was also the cause for several data breaches of last year. Expect them to increase in scope.
8. IoT adoption as a new entry point for attacks
IoT devices usually have poor security and direct access to closed networks. In other words, it’s the perfect invitation to try your luck with the potential rewards of being remote access into the company network.
Since most IoT devices don’t have enough processing power to be secured, the network administrators will likely have to figure out policies that wouldn’t disrupt their operation but close off just enough to be safe.
9. Increase of state-sponsored operations
The war in Ukraine is happening on multiple fronts, with the cyber world being one of them. Now we’re seeing an unprecedented scale of state-sponsored cyberattacks. With Russia isolated from the western world, it will most likely have detrimental consequences for global cybersecurity.
10. Supply chain as a lucrative target for cyberattacks
Current sanctions on Russia and Belarussia make oil pipelines and other facilities super targets, with the gas prices reaching all-time highs in some countries. You can expect that utility cybersecurity preparedness will continue to be field-tested, just like last year.