[ad_1]
Unless governments and technological innovations can significantly alter the cost-benefit calculation for attackers, ransomware threats will continue to grow because crime is so lucrative. Such attacks are also expected to increase in critical industries where it is imperative to pay cybercriminals to maintain health and safety. New tactics are expected as attackers become more business savvy and anticipate counter-negotiation strategies.
In addition, there is an expected increase in conflict among bad actors in ransomware-as-a-service operations, affecting how victims and organizations feel about making ransom payments. The US government has imposed sanctions on suspected threat actors in an effort to thwart ransomware attacks. However, this approach to preventing organizations from paying extortionists can result in negative recourse for victims.
Deepfakes are another threat used to facilitate business email compromise (BEC) fraud, bypass multi-factor authentication (MFA) protocols, and know-your-customer (KYC) authentication, and will be used more and more in 2022 and beyond.
Major nation-state actors in Russia, Iran, China and North Korea will likely take an aggressive stance to support each of their regional interests. Russia’s scope of operations will expand as it targets NATO, Eastern Europe, Afghanistan and the energy sector. Iran will use its cyber tools to target Israel and the Middle East in order to change the balance of power for its own interests. China is ready to support the Belt and Road initiative and scale its operations using cyber espionage. Despite its financial and geographic challenges, North Korea will stretch its cyber capabilities and take risks.
As organizations continue to rely on the cloud and cloud-hosted third-party providers, these third parties face increasing pressure to maintain availability and security. Increasing cloud adoption through 2022 will coincide with an increase in cloud security and abuse.
The outlook for incoming threats in 2022 looks grim, as ransomware actors become more aggressive and adept at evading tactics and negotiation by the defenders. The attacks are likely to be more elaborate and lucrative for cyber hijackers. As government agencies try to reduce the ransomware-as-a-service business, there can be negative consequences for organizations. The combined threats of ransomware, deep fraud and aggressive tactics from international nation states can be daunting for organizations, but staying vigilant and focusing on cyber defense technologies can keep them safe.
Download Mandiant full report understand in greater depth and detail what the 2022 cybersecurity landscape will look like, from actors to threats.
This content was created by Mandiant. It was not written by the editorial staff of MIT Technology Review.
[ad_2]
Source link