TL;DR – more of the same. It would be nice to think that the efforts of the infosec community will start to turn the tide in 2022 but the pace of adoption of networked stuff means we are unlikely to do more than stand still. Happy New Year!…:
In the Experian ninth annual Data Breach Industry Forecast, five predictions for 2022 underscore the ongoing impact of the pandemic on cybersecurity. Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem, but also set their sights on new targets such as online gambling.
This year is on pace to be a record-breaking year for data breaches. To help organizations stay a step ahead, the report warns of the following potential threats:
• Cyberdemic 2.0: Adaptation Leads to Trouble: Remote or hybrid work and the IT infrastructure required to support these constantly shifting patterns – both in the corporate office and in the home – mean vulnerabilities that emerged last year will only become more acute in the one to come. Booster vaccine distribution and fraudulent digital proof of vaccination will also keep public health authorities busy as COVID-19 continues to plague society.
• Perfect Storm: Natural Disasters and Broken Supply Chains: Natural disasters will drive more donations to aid organizations, and both donors and people in distress will see an increase in phishing attempts masked as charitable giving. This will be complicated by broken and unreliable global supply chains that will make the sourcing of important emergency goods difficult – another vulnerability that hackers will look to exploit.
• Hackers Bet on New Gamblers: As more states legalize online sports betting, phishing scams will target the growing ranks of online gamblers, particularly new entrants. Relatedly, scammers will also target fantasy sports sites, whether through phishing attempts or outright hacks.
• Digital Assets Put Us in Peril: Cryptocurrency arguably entered the mainstream last year, and NFTs (or Non-Fungible Tokens) are not far behind. As people increasingly accept these as legitimate transactions and legitimate asset classes, both will become targets for attack, revealing that these ostensibly safe, immutable assets are in fact vulnerable.
• Infrastructure: New Roads to Theft and Destruction: Cyberattacks have generally sought either disruption or extortion, but soon both state and non-state actors will more frequently target physical infrastructure like electrical grids, dams, or transportation networks. Hackers may target funds disbursed by Congress that are intended to rebuild U.S. infrastructure.
“While society still grapples with the pandemic, organizations are also trying to get a handle on cybersecurity against new vulnerabilities and different types of attacks,” said Michael Bruemmer, global vice president of Experian Data Breach Resolution. “Businesses must increase their focus and move past simply catching up to the “new normal” in how they operate. Cybercriminals have honed in on pandemic disruptions this past year so security professionals need to shore up security protocols and have data breach response plans in place – especially for ransomware – should a breach occur.”
There have been more than 1,200 data breaches recorded to date, which is a 17 percent increase so far over last year. Most troubling, ransomware has doubled in frequency in 2021.
To access the white paper, visit www.experian.com/data-breach/2022-data-breach-industry-forecast