A look into the future of cybersecurity: Are we ready to stop cyberattacks?
From a cybersecurity point of view , 2021 was not a very good year. It started with a big move to contain the SolarWinds cyberattack and is ending with record highs in ransomware attacks.
Organizations in all parts of the world have had to go to extraordinary lengths, with a hybrid workforce experiencing ongoing security issues stemming from the COVID-19 pandemic, as well as skills shortages , cyberattacks on critical infrastructure, and the relevance of cryptocurrencies for cybersecurity, among others.
What will be the challenges to overcome in cybersecurity in 2022?
ransomware empire
An analysis by the SILIKN research unit noted that there were around 640 million attempted ransomware attacks by the end of September 2021, so by the end of the year, this number is forecast to approach 890 million. Attempts. In the banking and financial services sector in Mexico alone, attempted ransomware attacks increased by more than 2,500% in 2021.
What have been and will be the sectors most vulnerable to ransomware in 2022? As we know, ransomware has become one of the fastest growing areas of cybercrime in recent history. In 2021, a ransomware attack occurred every 10.2 seconds.
Ransomware damage in 2021 is estimated to be around $32 billion in losses. And unfortunately, by 2030, the damage toll from ransomware attacks is predicted to reach $299 billion per year, with attacks every 1.8 seconds.
It is important to mention that the current reports have different data (in part because many of the companies that were victims of ransomware attacks did not report such incidents), so it is difficult to know the exact data of the affected organizations. But according to the SILIKN research unit, 57.8% of organizations in Mexico have suffered a ransomware attack and experienced an average of nine days of downtime during 2021. While the overall figures may vary somewhat, the truth is that ransomware is expected to skyrocket next year.
The sectors most affected by ransomware in 2021, and no major changes are expected for 2022, are:
Government: 22.9%
Financial Services: 18.7%
Health Services: 15.3%
Education: 12.4%
Technology: 7.9%
Manufacturing: 4.7%
Retail/Retail Sales: 3.1%
Other Sectors : fifteen %
Usurpation of corporate identity
While much attention has been focused on ransomware this year, one of the trends we will see much more of in 2022 is website cloning and online fraud issues. Consumers and brands are being defrauded by cyberattacks originating from abroad.
Scammers target well-known brands, be they banks, tech companies, or even cryptocurrencies, hoping the consumer won’t realize that the link they’re clicking takes them to a clone of the real website. Thinking they are on the right site, the consumer enters their login and enters other sensitive information, leading to credential theft, account takeovers, and further problems.
Tackling website cloning requires an offensive attack . Organizations will need to use cybersecurity tools that can identify scams as soon as they materialize and shut them down before they reach consumers, employees or other users online.
Insiders continue to be an alert for organizations
In 2020, employees stayed home to avoid contracting and spreading COVID-19. In 2021, many employees will stay home because they want something more, something that their jobs don’t offer them.
Cybersecurity, already grappling with the skills gap and millions of job vacancies, is now hit by the “Great Resignation,” in which people change jobs, taking their knowledge with them. Whether it’s an early retirement or a move to less stressful positions or careers, organizations will be tasked with filling a widening knowledge gap, and this needs to be a top priority.
Innovation and formation of the dark side
A crucial point to consider for 2022 is the readiness and innovation of cybercriminal groups to develop, distribute, and execute ransomware. Unfortunately, criminals are better trained and financially motivated to carry out these attacks.
Cybercriminal groups operate in a structured way . Furthermore, unlike authorities and governments, they have no bureaucracy and share information, methodologies, tools and often support those who know less about technical issues.
Since the FBI, NSA, Interpol and Europol, among other agencies, are on the hunt for cybercriminals who attack large corporations, governments or critical infrastructure in more developed countries, criminals will take advantage of this to carry out larger, more frequent and more sophisticated attacks. against organizations in Mexico, where cybersecurity is still a slow-moving issue.
In 2022, we will see an exponential increase in ransomware attacks against small and medium-sized businesses (SMEs), especially those located in Mexico and other Latin American countries. The ransomware as a service (Raas) model will also allow more and more criminal gangs to operate and grow their operations in different parts of the world. It is estimated that Latin America will be one of the most attacked regions in 2022.
Both the Organization of American States and the Inter-American Development Bank have pointed out that cybercrime has managed to surpass drug trafficking at times both in scope and in profits, so it is forecast that 2022 will be a complex year for authorities around the world. the world since we would be seeing more and more alliances between drug traffickers and cybercriminals.
The worst cyberthreats, contrary to what appears in the media and social networks, are not ransomware, DDoS attacks, social engineering or phishing. The worst cyber threat is the ability of cybercriminal groups to operate, organize, attack, learn, understand, share and be much better prepared than authorities and governments.
That is the real threat : the ease with which cybercriminals operate from behind the scenes and apply all their expert knowledge to carry out malicious acts. Understanding how these cybercriminal groups work is critical to stopping them.
About the author: Víctor Ruiz is founder of SILIKN and mentor of the Cybersecurity Center 05000. In addition to being a technology entrepreneur, he is a cybersecurity technician with CSFPC and LCSPC certificates, CSCT certified cybersecurity instructor, cybersecurity expert at BEDU, management consultant of crisis and risks, pentester and communications consultant.