Top 10 cyber crime trends to watch for in 2022

Global cyber crime costs are expected to increase by nearly 15 per cent on a yearly basis over the next four years to reach $10.5 trillion annually by 2025, from $3tn in 2015, California research company Cybersecurity Ventures has said.

Cyber criminals have taken note of successful tactics from this year, including those making headlines tied to ransomware, nation states, social media and the shifting reliance on a remote workforce.

Industry experts expect them to pivot those into next year's campaigns and grow in sophistication, wielding the potential to wreak more havoc across industries.

“Over this past year, we have seen cyber criminals get smarter and quicker at retooling their tactics to follow new bad actor schemes – from ransomware to nation states – and we don’t anticipate that changing in 2022,” Raj Samani, fellow and chief scientist of the combined company formed after the merger of McAfee Enterprise and FireEye, said.

“With the evolving threat landscape and continued impact of the global pandemic, it is crucial that enterprises stay aware of the cyber security trends so that they can be proactive and actionable in protecting their information,” Mr Samani said.

The National looks at the top 10 cyber security trends of the year ahead:

Weaponising operational technology environments

Cyber criminals could weaponise operational technology environments to harm or kill humans in the next four years, the Connecticut-based technology research and consulting company Gartner has said.

The OT is a type of computing and communication system – including both hardware and software – that controls industrial operations, mainly focusing on the physical devices and processes they use. It is used to gather and analyse data in real time, which is further used to monitor a manufacturing unit or to control equipment.

Various industries, such as telecoms and oil and gas, use OTs to ensure different devices work in co-ordination.

Attacks on OT environments have evolved from “immediate process disruption” such as shutting down a plant – for example in the recent Colonial Pipeline ransomware attack that took down the largest fuel pipeline in the US – to compromising the “integrity of industrial environments” with intent to cause physical or reputational harm, Gartner said.

Remote working brings new challenges

Remote working spurred by the Covid-19 pandemic could compound cyber threats in 2022.

Home devices that employees use to access office networks are usually not subject to the same security restrictions as corporate devices. This complicates efforts to control and monitor employees’ digital behaviour, applications and data outside traditional firewalls, industry analysts said.

Geopolitical cyber concerns pose growing risks

Some state actors will launch cyber attacks because they are “cheap, reliable, portable, easily hidden and hard to detect”, Moody’s Investors Service said in a report earlier this year.

The state-sponsored attacks threaten reputational damage, cause disruption of work flow and loss of intellectual property.

“Entities that find themselves the targets of these attacks could experience substantial credit damage,” the rating agency had said at the time.

Use of social media for attacks

While using social media to target victims is not a new strategy, it is relatively uncommon. It demands a level of research to engage the vulnerable target into interactions and establish fake profiles.

“The targeting of individuals has proven a very successful channel and we predict the use of this vector could grow not only through espionage groups, but [also] other threat actors looking to infiltrate organisations for their own criminal gain,” McAfee Enterprise and FireEye said in its cyber threats predictions for 2022.

Cryptocurrency exchanges to experience an increase in attacks

Cryptocurrency exchanges experienced a 10-fold increase in attacks in the first half of the year compared with the prior year period, said a report by cyber threat intelligence company PhishLabs, although it did not disclose the exact number of attacks.

The majority of the cryptocurrency attacks were orchestrated through social media.

“We anticipate cryptocurrency businesses will continue to be aggressively targeted by threat actors through social media in future … [it is] due to a majority of their activity and communication taking place through social platforms,” the report said.

Hackers pulled off the biggest cryptocurrency heist yet on August 10, stealing $613 million in digital coins from token-swapping platform Poly Network, only to return $260m worth of tokens less than 24 hours later.

Phishing attacks

Phishing typically comes in the form of fraudulent emails or pop-up messages that aim to obtain personal information from victims, such as credit card details and sensitive data, including personal identification numbers, usernames and passwords.

Phishing emails may also secretly install malicious software or malware in victims' computers. Such nefarious installations may be a virus or spyware designed to collect more information, which could lead to further fraud.

API becoming a lucrative target

Internet of Things and 5G traffic between API (application programming interface) services and apps will make them increasingly lucrative targets, causing unwanted exposure of information.

The connected nature of APIs potentially also introduces additional risks to businesses as they become an entry vector for wider supply chain attacks, McAfee Enterprise and FireEye said.

“In most cases, attacks targeting APIs go undetected as they are generally considered as trusted paths and lack the same level of governance and security controls.”

API is a connection between computers or programmes that allows two applications to interact with each other.

Cyber security talent crunch

The coming year will prove to be the most challenging one yet with regards to the continuing cyber security talent crunch, said the US cyber security firm BeyondTrust.

“Some drivers of this supply-demand imbalance include the accelerated adoption of hybrid cloud and digital transformation initiatives, post-pandemic projects ramping up and budgets becoming available for spend,” it added.

Rise of ransomware

The use of ransomware has picked up pace and became more dangerous in 2021. It will continue its rapid rise next year and its variations will increase with the frequency of attacks.

“Organisations must stop trying to prevent adversaries’ missions and instead prevent them from being worthwhile,” said Marty Edwards, vice president of operational technology at Columbia-headquartered cyber security company Tenable.

“In other words, organisations must make sure these missions cost too much to conduct. If the reward doesn’t cover the cost of the investment, threat actors won’t pursue it,” he added.

Cloud migration poses threat

Nearly half of the organisations moved business-critical functions to the cloud as a direct result of the pandemic, said Tenable.

However, cloud migration requires specific considerations that will likely be overlooked in 2022. For instance, detecting and preventing malicious activity in the cloud is a lot different, said Bob Huber, chief security officer at Tenable.

“And this can be further complicated by the nuances of working with cloud providers, as well as other company stakeholders looking to rapidly adopt new services in the cloud.

“Unless organisations educate their entire teams, not just security teams, about securing the cloud, they will inevitably pay the price as their migration accelerates,” said Mr Huber.