Ransomware threats will continue to grow unless governments and technological innovations can dramatically change the cost-benefit calculation for attackers, as crime is simply too profitable. These types of attacks are also expected to increase in critical industries where paying cybercriminals is essential to protect health and safety. Attackers expect new tactics as they become more business savvy and anticipate counter-negotiation strategies.
Moreover, there is an expected increase in conflict between bad actors within ransomware as a service operations, which affects how victims and organizations think about paying the ransom. The US government has imposed sanctions on suspected threats in an effort to curb ransomware attacks. However, this approach to preventing organizations from paying extortionists can cause a negative sanctuary for victims.
Deepfakes is another threat that has been used to facilitate Business Email Fraud (BEC), bypassing Multi-Factor Authentication (MFA) and Know Your Customer (KYC) protocols, and will be increasingly used in 2022 and beyond.
The major nation-state actors in Russia, Iran, China, and North Korea are likely to maintain an aggressive posture to advance each of their regional interests. Russian operations will expand as they target NATO, Eastern Europe, Afghanistan and the energy sector. Iran will use its electronic tools to target Israel and the Middle East in an attempt to shift the balance of power in its favour. Using cyber espionage, China is preparing to support the Belt and Road Initiative and expand its operations. North Korea will showcase its cyber capabilities and take risks despite financial and geographic challenges.
As organizations continue to rely on third party providers hosted on the cloud and in the cloud, these third parties face increasing pressure to maintain availability and security. Cloud adoption growth through 2022 will coincide with increased cloud penetration and abuse.
The outlook for the upcoming threats in 2022 looks bleak as ransomware actors become more aggressive and adept at evading defenders’ tactics and negotiations. The attacks are likely to become more sophisticated and profitable for online extortionists. As government agencies look to mitigate the ransomware-as-a-service business, there may be negative consequences for organizations. Complex ransomware threats, deep fakes, and aggressive tactics from international nation states can be daunting for organizations, but staying vigil and focused on cyber defense technologies can keep them safe.
Download the full Mandiant report to understand in more depth and in detail what the cybersecurity landscape of 2022 will look like – from actors to threats.
This content has been produced by Mandiant. It was not written by the editorial team at the MIT Technology Review.
[ad_2]
Source link
