Ransomware threats will continue to increase unless governments and technological innovations can significantly change the cost-benefit balance for attackers, as crime is simply too lucrative. These types of attacks are expected to increase in critical industries where paying cybercriminals are essential to protecting health and safety. Attackers are expected to adopt new tactics as they become more enterprising and anticipate counter-negotiation strategies.
Additionally, conflicts between malicious actors in ransomware-as-a-service operations are expected to increase, affecting how victims and organizations feel about ransom payments. The US government has imposed sanctions on suspected threat actors to contain ransomware attacks. However, this approach to deter organizations from paying money to extortionists can lead to negative recourse claims for victims.
Deepfakes are another threat that has been used to facilitate business email compromise (BEC) scams, bypass Multi-Factor Authentication Protocols (MFA), and Know-Your-Customer (KYC) ID verification bypass, and will be increasingly used from 2022 and beyond.
Key nation-state actors in Russia, Iran, China, and North Korea are likely to maintain an aggressive stance to advance each of their regional interests. Russia’s range of operations is expanding as it targets NATO, Eastern Europe, Afghanistan and the energy sector. Iran will use its cyber tools to target Israel and the Middle East to shift the balance of power in its own interest. Through cyber espionage, China is ready to support the Belt and Road initiative and expand its operations. North Korea will use its cyber skills and take risks despite its financial and geographic challenges.
As organizations continue to rely on cloud and cloud-hosted third-party providers, these third-party providers are facing increasing pressure to maintain availability and security. The increase in cloud adoption by 2022 will be accompanied by an increase in cloud compromise and abuse.
The outlook for incoming threats in 2022 looks grim as ransomware actors become more aggressive and skillful in evading defenders’ tactics and negotiations. Attacks are likely to become more expensive and lucrative for cyber extortionists. As government agencies try to curb the ransomware-as-a-service business, it could have negative repercussions for businesses. The increasing threats posed by ransomware, deepfakes, and aggressive international nation-state tactics may be daunting for businesses, but vigilant and focused on cyber defense technologies can protect them.
Load clients. down Complete report to understand more deeply and in greater detail what the cybersecurity landscape will look like in 2022 – from actors to threats.
This content was created by Mandiant. It was not written by the editorial staff of the MIT Technology Review.