Ransomware threats will continue to grow unless governments and technological innovations can significantly change the cost-benefit calculation for attackers, as crime is simply too lucrative. These types of attacks are also expected to increase in critical industries where paying cybercriminals is imperative to protect health and safety. New tactics are expected from attackers as they get smarter at business and anticipate counter-negotiation strategies.
Additionally, an increase in conflict between bad actors is expected within ransomware-as-a-service operations, which will affect the way victims and organizations think about paying ransoms. The US government has imposed sanctions on suspected threat actors in an effort to curb ransomware attacks. However, this approach to preventing organizations from paying money to extortionists can generate negative resources for victims.
Deepfakes are another threat that has been used to facilitate Business Email Compromise (BEC) fraud, bypass Multi-Factor Authentication (MFA) protocols, and know your Customer Identification Verification (KYC), and will be used every time. more in 2022 and beyond.
Major nation-state actors in Russia, Iran, China, and North Korea are likely to take an aggressive stance to advance each of their regional interests. Russia’s scope of operations will expand as it targets NATO, Eastern Europe, Afghanistan, and the energy sector. Iran will use its cyber tools to target Israel and the Middle East in an effort to shift the balances of power in its own interest. Through the use of cyber espionage, China is prepared to support the Belt and Road initiative and scale its operations. North Korea will flex its cyber capabilities and take risks despite its financial and geographic challenges.
As organizations continue to rely on the cloud and third-party cloud-hosted providers, those third parties face increasing pressure to maintain availability and security. The growth of cloud adoption through 2022 will coincide with increased cloud engagement and abuse.
The outlook for incoming threats in 2022 looks bleak as ransomware actors become more aggressive and adept at circumventing defenders’ tactics and negotiations. The attacks are likely to become more elaborate and lucrative for cyber extortionists. While government agencies seek to mitigate the ransomware-as-a-service business, there could be negative outcomes for organizations. Threats made up of ransomware, deepfakes, and aggressive tactics from international nation-states can be daunting for organizations, but staying vigilant and focused on cyber defense technologies can keep them safe.
Download Mandiant’s full report to understand more deeply and in detail what the cybersecurity landscape will look like in 2022, from actors to threats.
This content was produced by Mandiant. It was not written by the editorial staff of MIT Technology Review.