Ransomware threats will continue to grow unless governments and technological innovations can significantly change the cost-benefit calculation for attackers, as the crime is simply too lucrative. These kinds of attacks are also expected to rise in critical industries where paying cyber criminals is imperative to protect health and safety. New tactics are expected from attackers as they become more business savvy and anticipate counter-negotiation strategies.
Further, there is an anticipated increase in conflict among bad actors within ransomware-as-a-service operations, affecting how victims and organizations think about making ransom payments. The US government has placed sanctions on suspected threat actors in an effort to curb ransomware attacks. However, this approach to stop organizations from paying money to extortionists can cause negative recourse for victims.
Deepfakes are another threat that have been used to facilitate business email compromise (BEC) fraud, bypass multi-factor authentication (MFA) protocols and know your customer (KYC) ID verification, and will be increasingly used in 2022 and beyond.
Major nation-state actors in Russia, Iran, China, and North Korea will likely maintain an aggressive posture to promote each of their regional interests. Russia’s scope of operations will expand as it targets NATO, Eastern Europe, Afghanistan, and the energy sector. Iran will use its cyber tools to target Israel and the Middle East in an effort to shift power balances in its own interest. Using cyber espionage, China is poised to support the Belt and Road initiative and scale their operations. North Korea will flex its cyber capabilities and take risks despite its financial and geographical challenges.
As organizations continue to rely on cloud and cloud-hosted third-party providers, those third parties face mounting pressure to maintain availability and security. The growth of cloud adoption through 2022 will coincide with the increase of cloud compromise and abuse.
The outlook on incoming threats in 2022 appears grim as ransomware actors become more aggressive and adept at dodging defenders’ tactics and negotiations. Attacks are likely to become more elaborate and lucrative for cyber extortionists. While government agencies are looking to mitigate the ransomware-as-a-service business, there could be negative outcomes for organizations. The compounding threats of ransomware, deepfakes, and aggressive tactics from international nation-states may be daunting for organizations, but remaining vigilant and focused on cyber defense technologies can keep them secure.
Download Mandiant’s full report to understand more in depth and detail what the 2022 cybersecurity landscape will look like – from actors to threats.
This content was produced by Mandiant. It was not written by MIT Technology Review’s editorial staff.