Trends indicate that cybercrime in 2022 will continue to increase and further entrench itself as a part of life both domestically and with regard to international business and political relationships.
2021 was a year of escalation in both the severity and frequency of cyberattacks. As criminals continually pried into security cracks present either due to poor security protocols or the chaos inherent to a world changing to cope with a global pandemic, news related to everything from phishing scams to ransomware attacks on healthcare facilities and state-sponsored snooping regularly made the headlines.
Why will cybercrime in 2022 increase?
A perfect storm of three major factors has been brewing over the last two years that have provided the ideal environment for bad actors to work within.
First, the sudden, sharp rise in crime can be easily attributed to the onset of the COVID-19 pandemic.The migration of in-house teams to remote workforces has had a disastrous effect on cybersecurity, as managing protocols is extremely challenging when every employee’s home networks and endpoint security features have to be taken into account. Additionally, short staffed IT teams, either spread thin due to people being out sick or looking for new work, exacerbated the issue.
Secondly, the worldwide connections that promised so much during the advent of the internet have proven to be a double edged sword. With everything from critical medical devices to kitchen appliances incorporating internet connectivity, criminals have gained entirely new ways in which to access user information or cripple devices, demanding payment from those victimized.
Third, criminal enterprises have become very much aware that a great many organizations and companies have allowed security protocols to lapse, if they ever had them in place at all. Weak passwords, poorly maintained VPNs and more have made data-rich medical practices, tech companies, transportation agencies and even the FBI susceptible to hacking.
The world of cybersecurity as a whole seems to have been caught off guard. Faced with new, serious demands from the sudden influx of predatory malware and data thieves, unprepared companies have seen their data breached from both direct attacks and those levied against third-part vendors who have access to private information.
Cybercrime in 2022 so far
As 2022 barely gets off the ground, it’s evident that last year’s cybercrime spree shows little sign of slowing down.
Last year’s biggest exploit persists
As of the writing of this article on January 24th, the Log4j Windows vulnerability discovered in the final weeks of 2021 continues to wreak havoc within networks that have yet to update their software or those who were too slow to do so before hackers were able to take advantage of the exploit. To make matters worse, a similar vulnerability was discovered in Java that can allow a bad actor a similar degree of control over a victimized system.
Experts expect that these vulnerabilities, while quickly absent from the news cycle in spite of their severity, will pose continual challenges throughout the year.
Healthcare and humanitarian hacks continue
The International Red Cross found itself the victim of an attack on a third party company that the organization employed to store data, exposing the private data of more than half a million people that the humanitarian enterprise was tasked with safeguarding during periods of international conflict. Considering the nature of the data stolen, it is reasonable to assume that the Red Cross will find itself forced to negotiate with the thieves.
Attacks on smaller but no less critical healthcare organizations also continue, as hospitals grapple with trouble related to the coronavirus and find their staff perpetually spread thin and overworked in environments that depend heavily on web-connected devices and computers.
COVID-19 cybercrime resurges
Scams related to the COVID-19 pandemic continue to persist, as the Omicron variant of the virus has wreaked havoc on hospital facilities and staff alike. Instances of phishing scams related to vaccination and testing have increased by more than 500% as hackers look to capitalize on the anxiety and confusion with regard to the virus’s spread.
We can expect cybercrime in 2022 to continue to take advantage of virus-related fears, especially if further variants appear that keep tensions high.
Crypto hacks expected to escalate
The wild west world of cryptocurrency continues to create a landscape favorable to hackers, thanks to its prioritization of anonymity and the lack of federal oversight and regulation. Crypto.com, one of the largest cryptocurrency exchanges in the world, lost $30 million after hackers were able to breach their two factor authentication and transfer funds out of users’ wallets.
The breach and theft, initially downplayed by the company, illustrates that even the largest players in crypto can be pickpocketed by hackers as 2021’s many crypto-related hacks continue to echo into the new year. Cybercrime in 2022 will likely further highlight the dangers inherent to participating in the the volatile crypto market.
International cyber warfare fully realized
Along with 2021’s ransomware thieves and scammers, state-sponsored cyberattacks became front and center. With large scale hacks affecting the supply chain, the Colonial Pipeline and even the internet at large, the Biden administration and the US congress has placed a greater focus on cybercrime. An international coalition was formed to help expedite the exchange of information related to hacks, and talks between President Biden and Russian President Vladimir Putin regarding his country’s harboring of cybercrime gangs took place.
While Moscow authorities did their part to dismantle the notorious ransomware gang known as REvil, the maneuver comes during a time of increasing international tension as Russia is believed to have sponsored attacks against Ukraine’s government computer systems.
Putin, who views Ukraine as a Russian territory as opposed to an independent state, will likely utilize cyberattacks to supplement the pressure put on Ukraine by the presence of troops along the country’s borders.
Russia’s activities in Ukraine illustrate the important role that cyberattacks can play when it comes to negotiation, leverage and aggression in today’s landscape. Regardless of the outcome of Russia’s actions, the playbook will surely continue to be used globally as countries with historic tension, like Israel and Iran, take skirmishes to the digital world and continue to delegitimize and hamper one another with everything from website defacement to transportation shutdowns.
As the year progresses, we can expect to see cybercrime in 2022 further weaponized through strategic cyber warfare. We can also expect an international bolstering of defenses against it as cyberspace finally fully realizes its prediction as the “battleground of the future.”
What can be done about cybercrime in 2022?
The biggest hacks simply cannot be prevented by individual users. We entrust organizations to protect our data or suffer the consequences. However, most of the multibillion corporations that make headline news due to security failures are able to weather a black eye and have little to answer for, as public outrage regarding security breaches rarely reaches the level of severity that they should unless a service is visibility disrupted.
As greater regulation is considered at all levels of the US government when it comes to cybersecurity accountability, it’s important to consider your own personal habits with regard to cybercrime in 2022. Most hacks are waged against small businesses, many of whom are never able to fully recover.
Here are some personal cybersecurity basics that can help keep you safe:
Password strength is paramount. Strong, randomized passwords will help fortify you against some of the most preventable hacks.
Use multi-factor identification wherever possible. While not foolproof, hackers are opportunists and are quick to take advantage of easily-breached accounts long before they put in the work to crack into those that are more adequately protected.
Update your hardware and software. Developers are continually issuing patches to help mitigate vulnerabilities that can be used to steal your data. Update your OS and all software regularly and quickly. Swap out outdated hardware with refurbished firewalls or network switches from a reputable dealer.
Train your staff and yourself. The vast majority of hacks take place because of some degree of user error. Whether it’s an employee clicking a link that leads to malware or a fraudulent email that is designed to look like it came from your boss, knowing how to spot the fakes is critical.
Sources:
2022 is shaping up to be an epic fight to protect data by Bree Fowler, 10 Jan 2022, CNET
COVID test related scam emails still highly popular among cybercriminals 24 Jan 2022, Help Net Security
International Red Cross hack exposes half a million vulnerable people 20 Jan 2022, BBC News
Crypto.com Says ‘Incident’ Was Actually $30 Million Hack by Lorenzo Franceschi-Bicchierai, 20 Jan 2022, Vice
Cybersecurity is Still The Top Tech Threat in Healthcare, According to ECRI by Eric Wickland, Jan 24 2022, HealthLeaders
15 Important Cybersecurity Statistics in 2021 6 Feb 2021, TitanFall
