As many might have noticed in the past year, cyber criminals are gaining headway over businesses and costing single companies millions of dollars. The global cost of cybercrime in 2021 was estimated to equal $6 trillion, and is predicted to cost $10.5 trillion by 2025. With this steep increase in costs, it’s important for businesses to begin taking cybersecurity seriously and understand what they are up against. Remote work for many people has increased the amount of phishing victims, which often leads to ransomware in an organization. Other large threats seen in 2021 include cyberattacks on healthcare, attacks targeted towards mobile devices, and a growing number of zero-day attacks.
As we round out 2021, it’s imperative that we begin looking forward at the top cybersecurity threats we’ll see in 2022. From the rise of cryptocurrency to the continuance of phishing, ransomware, attacks on critical infrastructure, and supply chain attacks, this upcoming year has a lot of potential for cyber criminals.
Ransomware Fueled by Cryptocurrency
Ransomware continues to spread across the globe at high rates, and it likely isn’t going to slow down as we enter 2022. One of the biggest game changes in the past few years is the emergence of cryptocurrency, mainly Bitcoin. The appeal of cryptocurrency lies within the anonymity and ease of transferring money from wallet to wallet. Ransomware that is fueled by getting cryptocurrency was involved in 79% of cybersecurity incidents in the past 18 months at the time of research. Cryptocurrency is hard to trace because personally identifiable information is not tied to a person’s wallet. Also, it is not regulated by any certain government, so it is hard to handle cases that involve more than one country.
As for ransomware in general, 61% of experts expect incidents to increase in 2022. Cyber attackers continue to find new ways to steal and demand it, making it one of the top cybersecurity threats we’ll see in 2022. Review our blog, “How to Save Your Business from a Ransomware Attack,” for tips on combatting ransomware.
Cyberattacks on Critical Infrastructure
Another top cybersecurity threat we’ll see in 2022 is cyberattacks on critical infrastructure. In the past three years, 83% of critical infrastructure organizations surveyed reported a breach of some type. Some of the main targets of critical infrastructure include transportation, energy, telecommunication, public services, and critical manufacturing sectors. Attacks on critical infrastructure can be devastating as many people rely on these types of services. A recent attack on critical infrastructure is the Colonial Pipeline. The Colonial Pipeline attack halted gas distribution for five days. These attacks on critical infrastructure tend to target control systems opposed to data. Because of the complexity of these systems, normal cybersecurity solutions often do not work.
Phishing is a dominant cybersecurity threat we will continue to see in 2022. With many people continuing to work from home, cybersecurity measures are essential to companies. A survey found that in the month of September, 2021, 35% of organizations were targeted by at least one phishing attack. Cyber attackers are finding new techniques to make their attacks more sophisticated. They are using more specific criteria and doing more research to target victims. Phishing attacks are unique from other cybersecurity threats because they can target businesses or people by using information from their personal or professional life. These attacks are also unique because they are extremely popular around the holidays when people are online shopping and distracted. For examples of phishing trends around the holidays, review our recent blog. For additional tips and tricks, check out our infographic, “How to Spot a Phishing Email.”
Supply Chain Attacks
Another cybersecurity threat on the rise is supply chain attacks. A couple major incidents this year were the attacks on Kaseya and SolarWinds. In 2021, the amount of supply chain attacks increased by 650% with an average cost of $1.4 million per incident. Cyber attackers engage in supply chain attacks because they can gain access to other companies’ data through one entry point. The main objective of supply chain attacks is usually to gain source code and customer data. In Kaseya’s attack, ransomware was deployed through their systems. At the end of the day the attack infiltrated about 1,500 other businesses that were their clients. The attack on SolarWinds ended up impacting around 18,000 of their customers. When businesses have other organizations relying on it, it’s critical to make cybersecurity a top priority.
Check out our recent blog, “What Should You Budget for in 2022?” to learn about how to combat some of these upcoming threats.