Cyber Update – 2022 Set to be “Hangover” Year From 2021’s Cyber Epidemic

2022 Set to be “Hangover” Year From 2021’s Cyber Epidemic

Much of the cyber turmoil that plagued the world in 2021 will continue into 2022, with individuals remaining the top source of risk in an irrevocably online society, according to Experian’s annual Data Breach Industry Forecast for 2022.

“In a sense, 2022 will be a sort of hangover from 2021’s ‘cyberdemic,’” commented breach resolution firm in its report. “Since so much of our lives now take place online, the digitization of society means that our infrastructure, institutions and personal lives are more exposed than ever to malicious actors. Big institutions remain vulnerable, despite spending millions on security, and cybercriminals have plenty of opportunities to exploit weak technologies.”

Natural disasters and supply chain disruption—already a challenge for the broader insurance industry—are poised to become more of a problem for the cyber sector in 2022, Experian predicted. Charitable organizations and individuals will likely see an uptick in phishing attempts designed to provoke emotional responses in times of stress. Post-disaster donation scams have already cropped up and won’t abate any time soon.

“Thieves will impersonate legitimate vendors selling scarce items in high demand—be they masks, personal protective equipment, oxygen or other critical items,” the firm warned. The prediction ties in with another: the fact that individuals’ susceptibility to scams puts both corporations and consumer pocketbooks at risk.

“Remote or hybrid work and the IT [information technology] infrastructure required to support these constantly shifting patterns—both in the corporate office and in the home—mean vulnerabilities that emerged last year will only become more acute in the one to come,” the firm commented.

Experian highlighted online gambling as a greater source of attacks in the coming year. With many states legalizing the practice in recent years, cybercriminals have already begun placing their bets that online gamblers and the platforms themselves will fall for phishing scams.

“While cyberattacks on fantasy sports sites aren’t unheard of, expect them to become much more common as more people get involved with this activity…hackers [will] use this as a means to break into digital wallets, especially during times when bitcoin is soaring in value,” Experian said.

The firm said that increased reliance on digital assets would introduce more vulnerabilities in 2022. Non-fungible tokens (NFTs) experienced significant hype in 2021, and “where value—or perceived value—goes, thieves and bad actors will follow.”

“As cryptocurrencies and NFTs become more commonplace and are increasingly accepted as legitimate parts of our financial and technological landscape, both will become targets for attack,” Experian said. “The combination of a cryptocurrency transaction with distributed ledger technology make NFTs uniquely positioned for multiple points of vulnerability.”

Experian predicted pathways to further disruption on the national stage as hackers become more “brazen” about targeting critical infrastructure. Infrastructure improvements have been a key goal for the federal government in 2021, one that comes with massive new budgets cybercriminals won’t be able to resist.

“The sums are so large, and their distribution involves so many institutions and processes—from the Treasury to vendors, to banks, to individual contractors—that hackers will be probing for weaknesses in the money supply chain,” said Experian. State-sponsored hackers will also likely seek further disruption of electrical grids, energy firms and manufacturers.

“Businesses must increase their focus and move past simply catching up to the ‘new normal’ in how they operate,” said Michael Bruemmer, global vice president of Experian Data Breach Resolution. “Cybercriminals have honed in on pandemic disruptions this past year, so security professionals need to shore up security protocols and have data breach response plans in place—especially for ransomware—should a breach occur.”

© 2022 Zywave, Inc. All rights reserved.