Since the pandemic in which we find ourselves due to COVID 19, the process of digitization and adoption of new technologies in the world accelerated as never expected, forcing people and organizations to work remotely at home implied using tools that were not previously contemplated, along with this also added new attack vectors, which cybercriminals are exploiting continuously and will continue to do so this 2022, so we present the trends for this year.
This malware will continue dominating the threat landscape and will be the most lucrative crime in 2022 according to Kaspersky, daily about 5,000 attacks are identified in Latin America. The most affected countries are Brazil, Mexico, and Colombia, these cyberattacks will focus on data breaches for extortion purposes, although it also expects an increase in ransomware in Linux environments that have storage or ESXI templates. In conclusion, it is estimated that 2022 can reach 6 billion dollars in data ransomware.
Attacks on cloud infrastructure
Cloud infrastructure will see an increase in malicious activity in 2022 misconfiguration and a shortage of workforce with sufficient cybersecurity expertise will play a significant role in data breaches. Organizations feel that because having their operations and information in cloud solutions is not necessary about worrying about security, which cybercriminals will take advantage of to leak this type of infrastructure and mentality.
Supply chains and governments
It is expected that cybercriminals will target service providers to infect as many victims as possible with malware to introduce malicious code into products or infrastructures to attack the supply chain to destabilize companies. The public-private collaboration will be essential to protect against this type of attack.
This type of attack will continue to occur on a larger scale through different vectors, such as malware, spam, phishing, among others. The purpose of these attacks is to make cybercriminals appear to be trustworthy people from other organizations or the same organization and make users type in users and passwords; once these users are compromised, the attacker will look for confidential information or credentials of other types of users.
Organizations should be aware of the threat posed by vulnerabilities in open-source software, in 2022 is expected to see an increase in open-source software packages with malicious code. Sonatype estimated 12,000 attacks on open source projects in 2021, representing a 650% year-over-year increase, as a consequence, it´s imperative that both the public and private sectors prioritize security in their open-source projects.
Good security and cybersecurity practices are essential in any organization, investment in technologies that leverage security and protect infrastructures (on-premise – cloud) and constant training of the collaborators is vital to overcome these issues. Both need to go hand in hand to have the desired security results.
Around 85% of cyber-attacks suffered by companies have their origin in the human factor and cybercriminals are constantly improving their attack techniques when talking about cybersecurity. Companies must reconsider the perimeter to be protected (not only layered protection) because now is where the data is used regardless of the physical location where it is stored.
Analytics tools are extremely useful to help identify potential risks, but it is still like finding a needle in a haystack, 100% prevention will become the norm as organizations fully embrace the principles of zero trust.
For more information, please refer to the following sources associated with the story: