CPS forecasts on new opportunities for cybercriminals in 2022

Check Point Software Technologies has issued its 2022 cyber-security forecasts, outlining the top security problems businesses will face in the coming year. While cybercriminals continue to exploit the COVID-19 pandemic’s impact, they will also develop new attacks using deepfakes, bitcoin, mobile wallets, and other methods.

“In 2021, cybercriminals adapted their attack strategy to exploit vaccination mandates, elections, and the shift to hybrid working, to target organizations’ supply chains and networks to achieve maximum disruption,” said Maya Horowitz, VP Research at Check Point Software.

He added, “The sophistication and scale of cyber-attacks will continue to break records, and we can expect a huge increase in the number of ransomware and mobile attacks. Looking ahead, organizations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks, including the most advanced ones. To stay ahead of threats, organizations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks.”

Key highlights from the 2022 Global cyber-security predictions report include:

• Fake news and misinformation campaigns return: Throughout 2021, misinformation was spread about the COVID-19 pandemic and vaccination information. In 2022, cyber groups will continue to leverage fake news campaigns to execute various phishing attacks and scams.
• Supply chain cyber-attacks continue to increase: Supply chain attacks will become more common, and governments will begin to establish regulations to address these attacks and protect networks and collaborate with the private sectors and other countries to identify and target more threat groups globally. 
• The cyber ‘cold war’ intensifies: Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated widespread attacks. Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally.
• Data breaches are larger scale and more costly: Data breaches will happen more frequently at a larger scale and cost organizations and governments more to recover. In May 2021, US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.
• Crypto currency gains popularity with attackers: When money becomes software purely, the cyber security needed to protect against hackers stealing and manipulating bitcoins and altcoins is sure to change in unexpected ways.
• Attackers target mobile: As mobile wallets and mobile payment platforms are used more frequently, cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.
• Attackers will leverage microservices’ vulnerabilities: With microservices architecture being embraced by Cloud Service Providers (CSPs), attackers are using vulnerabilities found in them, to launch large-scale attacks on CSPs.
• Deepfake technology is weaponized for attacks: Techniques for fake video or audio are now advanced enough to be weaponized and used to create targeted content to manipulate opinions, stock prices or worse. Threat actors will use deepfake social engineering attacks to gain permissions and access sensitive data.
• Penetration tools continue to grow:  Globally in 2021, 1 out of every 61 organizations was being impacted by ransomware each week. Threat actors will continue to target companies that can afford paying ransom,and ransomware attacks will become more sophisticated in 2022.Hackers will increasingly use penetration tools to customize attacks in real time and to live and work within victim networks.