It’s been a whirlwind couple of years for the IT channel. As the COVID-19 pandemic drove a widespread shift to remote-first work, organizations around the world have had to adopt very different — and complex — IT environments that support new needs like remote file access, video collaboration, and bring-your-own-device policies. Cybercriminals have evolved their tactics considerably in response to these new attack surfaces and IT relationships.
As 2021 comes to an end, let’s take a look at what we can expect over the next year.
1. Ransomware’s Impact Will be Felt Strongly
Ransomware continues to dominate news headlines, and for good reason. It’s one of the most profitable types of cyberattack: few organizations can weather the financial and reputational damage caused data loss or extended downtime. The pressure to pay up is immense.
Looking ahead to 2022, expect ransomware threats to expand their focus to new attack surfaces —like macOS and Linux devices, as well as new environments such as virtual systems, the cloud, and OT/IoT. Anything connected to a reachable network is a potential target. Cybercriminals will continue to rely on double extortion tactics, threatening the public release of sensitive data if their demands aren’t met.
The real-world impact of ransomware will be more apparent than ever, and it’s likely that the demand for official regulations and sanctions will grow in response.
2. Phishing Attacks Will Continue to Evolve
The volume of phishing attacks, and malicious emails in general, remains at an all-time high. And despite constant awareness campaigns and internal security training, users still fall victim to these attacks with some regularity. It only takes one such event to compromise an entire organization.
Phishing has become much more dangerous as cybercriminals use automation and personalized info — often mined from data breaches, social media profiles, and corporate websites — to tailor their attacks and increase their effectiveness. Expect this trend to continue into 2022. To bypass common anti-phishing tools, business email compromise (BEC) attacks will also look towards alternative messaging services like text messages, Slack, and Teams chat.
3. Living-off-the-Land Attacks Will be in Full Swing
Cybercriminals are turning their eye towards the trusted connections that can allow them access to company networks — connections like a service provider or software vendor. We’ve seen a dramatic increase in software supply chain attacks over the last year, some of which dominated international headlines.
Service providers have a particularly large target on their backs here. Threat actors know that IT management solutions like professional services automation (PSA) software or remote monitoring and management (RMM) tools are the proverbial “keys to the kingdom.” Many providers also rely on automation for efficient system provisioning and patch deployment, which attackers would be keen to compromise for the distribution of malware.
4. Data Breaches Will Increase Even Further
Although data privacy laws are becoming more numerous and expanding their reach, we still expect the number of reported breaches to rise even higher in 2022. Unfortunately, these leaks will also enable attackers to enrich their target profiles and subsequently create more effective threats.
This expected increase isn’t only because these breaches must be formally reported, but also has to do with the complexity of today’s IT systems. Many companies lack a clear overview of where all their data is actually located, and how — or by who — it can potentially be accessed, making large-scale breaches almost inevitable. Automated data exchange from IoT devices and M2M communications is increasing the spread of information as well.
5. Adversaries Will Step up Attacks Against AI
The days where signature-based detection offered sufficient protection are well behind us. Cyberthreats evolve with blinding speed, and automation allows criminals to generate an ocean of distinct malware variants that quickly overwhelm legacy detection systems. IT pros are thus increasingly reliant on artificial intelligence (AI) to identify and block potentially dangerous behavior.
It’s fair to assume that we’ll soon see attackers turn their focus to AI models themselves, looking for exploitable weaknesses in the logic. Cybercriminals may, for instance, be able to identify timing issues within AI-driven protection wherein changes that happen sufficiently slowly are not seen as anomalous — and thus aren’t blocked from executing. If successful, such tactics could reverse decisions inside the AI model and allow attackers to penetrate systems while remaining undetected.
Protect Your Data and Systems in 2022
Cybercriminals are, above all else, profit-driven. They’ll try to maximize their gains by automating attacks and targeting the organizations that are most exposed. Any weak point in your IT supply chain or internal security environment is a potential attack vector for a severe cyberthreat.
Unfortunately, most businesses still struggle to effectively protect their entire workloads across a complex IT ecosystem that now includes the cloud, the office, and remote users from around the world. A proactive, holistic approach is needed — one that integrates cybersecurity, data backups, and the ability to quickly recover from disaster. We call this approach cyber protection.
Discover the award-winning power of threat-agnostic anti-malware, multi-platform backup, vulnerability assessments and automatic patching, and more — all through a single pane of glass — when you start your free trial of Acronis Cyber Protect Cloud.
This guest blog is courtesy of Acronis. Read more Acronis guest blogs here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.
