Ysrael Gurt’s Cybersecurity Predictions for 2022

We’re reaching the end of the year, and we’ve decided that the best way to help you prepare you to the coming year is getting our team’s brightest minds to talk about the trends they expect to see in 2022.

Without further ado, here are the predictions Ysrael Gurt, Our CTO and Co-founder, has presented us:

Which type of attack is going to rise in popularity?

First, let’s establish the foundations of a threat actors’ motive: hackers don’t want to work hard. They look for the easiest way to make a profit. Nowadays, it’s all about reputation. There’s nothing more valuable to an organization than its reputation, so the easiest way to profit is by threatening it. It’s not about whatever is being compromised; it’s about how much is the victim is willing to pay for its confidentiality. 

That is why ransomware is gaining so much popularity in the last few years. Attacking a well-guarded organization is hard, so threat actors must be creative to find an easy way inside. If the main gate is well guarded, it makes no sense to infiltrate that place. You look for wherever no one is looking, and hackers realize that digital vendors provide exactly that vulnerability.

Are there any specific sectors or industries that are at high-risk?

Since the eruption of COVID 19, industries that refused to digitize up until that point had to change their entire methods of operation. Sectors such as the financial and healthcare had to adapt to remote work in just a couple of months. They didn’t want to develop their entire digital infrastructures, so they relied on various digital vendors to functionalize their digital operations. 

The digitization process brought along with it new attack vectors. Remote work means that sensitive information once accessible only on-site is now open and accessible from anywhere. Defending one entry point is relatively easy, but protecting an exponentially growing amount of entry points? That’s pretty complex. 

What impact does cryptocurrency have on cyber-crime?

The introduction of digital coins to our lives also plays a role in popularizing ransomware, as it complicates tracking back the money. In the past, states heavily regulated money, so law enforcement agencies caught criminals by tracing it back. Nowadays, Cyber-criminals use unregulated cryptocurrency to profit through extortion, as it is much easier to hide the money.

Before cryptocurrency, the banks had complete control and regulation over the money. If up until now, threat actors tried to put their hand on an obvious resource, such as credit cards, now they’re much more sophisticated. If sensitive information (such as credit card numbers) is stolen, it won’t be as profitable as extorting an organization through its reputation. Unregulated cryptocurrency has enabled that and rendered ransomware profitable.

Lastly, is there any new attack vector that you think we should consider?

Attacking the supply chain isn’t the only way that threat actors can damage an organization. Another method that has gained popularity in recent years is using social media to dictate new social orders. Social media has a massive impact on everyone, and threat actors are figuring out how to utilize it as a new attack vector. 

Hackers comprehend the volatile potential of taking control over an influencer’s social media account and post provocative statements in their name to disrupt the market in whichever way favors the hackers. It’s not even that far-fetched, as we already saw it in the 2016 American elections, and I believe that we will keep hearing about similar incidents in the future.