While the covid-19 pandemic upended workplaces and ushered in rapid digital transformation, the turmoil around cybercrime has remained constant: attackers are always changing tactics to evade detection. Flexible, customer-first solutions have emerged to meet ever-changing circumstances to keep organizations secure and confident against cyber threats. In the new year and beyond, as technology and workplace trends evolve and laws and regulations change, cybersecurity forecasts are emerging.
Mandiant’s “14 Cyber Security Predictions for 2022 and Beyond” projects trends based on insights from leaders and experts around the globe to assess the evolving cyber environment and the security threats it faces. From ransomware to deepfakes to analyzing the security of IoT devices, these predictions are based on existing trends and incorporate the behavior of attackers and changing technological innovations.
14 cybersecurity predictions for 2022 and beyond
Ransomware threats will continue to grow unless governments and technological innovations can significantly change the cost-benefit calculation for attackers, as the crime is simply too lucrative. These kinds of attacks are also expected to rise in critical industries where paying cyber criminals is imperative to protect health and safety. New tactics are expected from attackers as they become more business savvy and anticipate counter-negotiation strategies.
Further, there is an anticipated increase in conflict among bad actors within ransomware-as-a-service operations, affecting how victims and organizations think about making ransom payments. The US government has placed sanctions on suspected threat actors in an effort to curb ransomware attacks. However, this approach to stop organizations from paying money to extortionists can cause negative recourse for victims.
Deepfakes are another threat that have been used to facilitate business email compromise (BEC) fraud, bypass multi-factor authentication (MFA) protocols and know your customer (KYC) ID verification, and will be increasingly used in 2022 and beyond.
Major nation-state actors in Russia, Iran, China, and North Korea will likely maintain an aggressive posture to promote each of their regional interests. Russia’s scope of operations will expand as it targets NATO, Eastern Europe, Afghanistan, and the energy sector. Iran will use its cyber tools to target Israel and the Middle East in an effort to shift power balances in its own interest. Using cyber espionage, China is poised to support the Belt and Road initiative and scale their operations. North Korea will flex its cyber capabilities and take risks despite its financial and geographical challenges.
As organizations continue to rely on cloud and cloud-hosted third-party providers, those third parties face mounting pressure to maintain availability and security. The growth of cloud adoption through 2022 will coincide with the increase of cloud compromise and abuse.
The outlook on incoming threats in 2022 appears grim as ransomware actors become more aggressive and adept at dodging defenders’ tactics and negotiations. Attacks are likely to become more elaborate and lucrative for cyber extortionists. While government agencies are looking to mitigate the ransomware-as-a-service business, there could be negative outcomes for organizations. The compounding threats of ransomware, deepfakes, and aggressive tactics from international nation-states may be daunting for organizations, but remaining vigilant and focused on cyber defense technologies can keep them secure.
Download Mandiant’s full report to understand more in depth and detail what the 2022 cybersecurity landscape will look like – from actors to threats.
This content was produced by Mandiant. It was not written by MIT Technology Review’s editorial staff.
Erik Prince wants to sell you a “secure” smartphone that’s too good to be true
MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.
Corruption is sending shock waves through China’s chipmaking industry
The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.
Inside the software that will become the next battle front in US-China chip war
The US has moved to restrict export of EDA software. What is it, and how will the move affect China?
Hackers linked to China have been targeting human rights groups for years
In a new report shared exclusively with MIT Technology Review, researchers expose a cyber-espionage campaign on “a tight budget” that proves simple can still be effective.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.