If the havoc wreaked on society by hackers via ransomware and other attack vectors in 2021 wasn’t bad enough, 2022 is shaping up to be yet another banner year for cybercrime.
According to Experian’s 2022 Data Breach Industry Forecast, the cyber threat landscape in the new year will again be heavily influenced by the Covid-19 pandemic with malicious actors leveraging the spread of the virus and its variants to take advantage of public and private sector organizations in what the report dubbed as “Cyberdemic 2.0.” For example, because of the roller coaster-like ride that businesses have been on relative to the opening and closing of offices, many are still heavily reliant on remote or hybrid work structures that have created new vulnerabilities that have yet to be fully leveraged by cybercriminals.
Among the report’s other 2022 predictions include:
- Perfect Storm – Natural Disasters and Broken Supply Chains: Natural disasters will drive more donations to aid organizations, and both donors and people in distress will see an increase in phishing attempts masked as charitable giving. This will be complicated by broken and unreliable global supply chains that will make the sourcing of important emergency goods difficult – another vulnerability that hackers will look to exploit.
- Hackers Bet on New Gamblers: As more states legalize online sports betting, phishing scams will target the growing ranks of online gamblers, particularly new entrants. On a related note, scammers will also target fantasy sports sites, whether through phishing attempts or outright hacks.
- Digital Assets Put Us in Peril: Cryptocurrency arguably entered the mainstream last year, and NFTs (Non-Fungible Tokens) are not far behind. As people increasingly accept these as legitimate transactions and legitimate asset classes, both will become targets for attack, revealing that these ostensibly safe, immutable assets are in fact vulnerable.
- Infrastructure – New Roads to Theft and Destruction: Cyberattacks have generally sought either disruption or extortion, but soon both state and non-state actors will more frequently target physical infrastructure like electrical grids, dams, or transportation networks. Hackers may target funds disbursed by Congress that are intended to rebuild U.S. infrastructure.
Of these various threats, Michael Bruemmer, Global Vice President of Experian Data Breach Resolution, says the two that he is most concerned about in the year ahead are online sports betting and new digital assets.
If you have watched any live sporting event on television this year, then you will know first-hand how hard it is to avoid coming across an advertisement from one of the large online sportsbooks that are now able to actively solicit bets from residents in states that have loosened restrictions on internet gambling. However, a wholesale shift from playing fantasy sports to being able to bet on the outcomes of actual games is also welcomed news to hackers who will have an entire new audience to scam.
“Sixty-one percent of all casino revenue is now online and the fastest growing of online gamblers are the 24-35-year-old crowd where 72% of all the bets they place – whether it is fantasy sports or any form of betting – is done through a mobile device,” Bruemmer explains. “You combine all of that with the fact that in 2020 the largest fantasy sports booking service, DraftKings, had a major hack. This is $72 billion industry, and the hackers are going to follow the money and with all of the money flowing in there we think that 2022 will be one of those years where gambling is going to be a headline in terms of a data breach.”
While many people think of digital assets as only applying to Bitcoin and other cryptocurrencies, Bruemmer says an increasing amount of personal data is being digitized and will subsequently be targeted by cybercriminals.
“The other thing we see with digital assets is with Apple’s push with the states to digitize driver’s licenses and vaccination cards, there are also more things that are going to be put on your mobile device that have value,” he adds. “As we’ve seen in the last 30 days by the number of stories, this Pegasus software, which was created by one of the startups spun off from the Israeli defense consortium, that software through something as simple as an SMS text can infiltrate a phone and steal the data off of it.”
The Ransomware Wake-Up Call
Though cybersecurity experts have been sounding alarm bells for years about the dangers posed by ransomware, the prominent incidents that took place in 2021, such as the attack against Colonial Pipeline that disrupted the supply of gasoline to parts of the East Coast, have now forced both business leaders and lawmakers into action. The good news, according to Bruemmer, is that more organizations are now better prepared to deal with these types of attacks moving forward, however; he cautions that it certainly won’t be going away as all it takes is tricking one unsuspecting employee to open an email and click on something they shouldn’t to start a crippling infection.
“I do think organizations are better prepared to respond because of the technology and some of the processes and controls they have put in place. But while organizations have improved their security posture, individuals remain the weakest link and because of the pandemic, they are more connected than they ever were before digitally and because of this connection there is the new vulnerabilities,” Bruemmer says. “When we talk about work from home, there are 36% of the people that are working from home currently, according to LinkedIn, that still haven’t been given a directive – you’re returning to work or you’re staying at home. You combine that with the fact that you have weak security both from a VPN, lack of encryption or weaker firewall in the home environment and a new study from the Czech Republic that said 53% of the people they surveyed admitted they were more distracted at home and paying less attention to cyber hygiene than they would have been in an office environment, that tells me that the work from home component as part of the Cyberdemic 2.0 is going to continue to be a problem.”
Attacks Becoming Less Sophisticated
One of the big reasons why ransomware has become so pervasive, according to Bruemmer, is that attacks can now be carried out by small time actors who actually buy kits from professional hackers, and he says that these and other simply executed attacks will continue in 2022.
“I’ll use the example of the mild-mannered QR code. During the pandemic, all of us went into a restaurant and, maybe even the first time back, they said, ‘I’m sorry we don’t have paper menus, but if you click on the QR code in the center of the table, it will pop up the menu online for social distancing and you can see that,’” Brummer explains. “Well, QR codes have an infinite number of combinations, but they can be easily duplicated and copied, and you can’t tell a QR code that is legit from a fake one. They have them as check-in points for the TSA, they have them at border crossings, they have it in the line at my local grocery store to do checkout and pay online if you want to click the link, but who knows if they are real or not? It is going to be an evolution of simple things that people trust just like clicking on a link or taking a spam phone call and giving a voice print. People that are trusting and aren’t paying attention or distracted are going to fall victim to it.”
Staying Ahead of Threats
To help stave off some of the attacks hackers are anticipated to launch in 2022, Bruemmer advises organizations of all sizes to put a plan in place and to subsequently rehearse it and revise it as necessary.
“We’ve seen with our top end clients that have reserved response, which is a guaranteed SLA (service-level agreement) program, they are forced to have a plan that we approve before they can get their SLAs. We see those with a rehearsed plan have 15% fewer breaches because they have done the work across their entire security eco-sphere to be ready,” he adds. “But when they do have a breach, they are able to save about 20% to 25% of the total cost because they are more prepared, more efficient, quicker to respond and get the notifications out the door versus having it be drawn out, which is a benefit to the consumer as well as protects the brand reputation and ongoing operations.”
For more information or download a full copy this year’s report, click here.
Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].
