Advanced ransomware attacks, cryptocurrency-related scams, increased data breaches, and increased identity theft and fraud are just a few of the region’s top cybersecurity predictions for 2022.
Cyberattacks in the Middle East hit record levels in 2021.
According to reports, malware, distributed denial of service (DDOS) attacks, ransomware, and other common threat vectors grew by double digits in 2021, with the government, private, oil and gas, telecom, and healthcare and finance sectors being the most affected.
With cybersecurity threats on the horizon and threat actors’ tools becoming more advanced and smarter, it is more essential than ever for companies to take a proactive approach to protect themselves from these risks.
As we enter the new year, TRENDS spoke with four risk experts about the major trends that will shape the cybersecurity industry in 2022 and beyond, and here are their predictions:
Amir Kanaan, Managing Director for the Middle East, Turkey, and Africa at Kaspersky Lab
- The GCC is heavily reliant on oil and gas. Hence, protecting crucial infrastructure is essential. We should keep in mind that cyber attackers are interested in gaining the trust of their targets through third-party IT suppliers.
- Attacks using network devices, emerging 5G security vulnerabilities, and more advanced ransomware attacks are some of the main things we will need to keep an eye out for in 2022.
- The region’s government sector is one of the most exposed to complex cyber threats. Second are finance, ecommerce, and retail. Anything involving money or data attracts a lot of attention, and cybercriminals use phishing to infiltrate their victims within these industries.
- Attacks on the critical infrastructure of heavy industries like manufacturing, oil and mining, chemicals, etc., will increase. These attacks are severe because they can disrupt production operations or, worst, affect people’s lives.
For example, these attacks can shut down the supply of drinkable water or damage traffic systems. We should raise awareness about these attacks because they often go unprotected. - Cryptocurrency attacks will grow and evolve into a threat globally. Since all crypto transactions occur online, it gives the users the luxury to stay anonymous. This is an attractive cover for cybercriminals, who keep coming up with new ways to steal investors’ financial assets.
Not to forget, there is also something called “Cryptojacking,” which is the unauthorized use of people’s devices (computers, smartphones, tablets, or even servers) to mine cryptocurrency. The motive is to make profits, but it is designed to stay completely hidden from the victim, unlike other threats.
Sam Curry, Chief Security Officer, Cybereason
- RansomOps have replaced simple repurposed malware strains. Cartels like REvil, Conti, and DarkSide run long-term campaigns with payloads as the last link.
In this context, anti-ransomware strategies must shift from targeting the encrypting malware to targeting RansomOps indicators of behavior (IOBs), allowing the defending business to completely bypass encryption. - According to Cybereason’s study of espionage tactics like DeadRinger and GhostShell, they could monitor client communications by gaining access to telecommunications. Criminal gangs will copy the state actors’ effective DeadRinger and GhostShell strategies in 2022.
Customers will have to reconsider creating trust in their digital service provider, and digital service providers will have to review their risk profiles. - In 2022, criminal and state actors will likely collaborate and align objectives for optimal impact. In response, regional governments are likely to escalate their preparedness strategies through entities such as the Computer Emergency Response Team for UAE (aeCERT) and Saudi Arabia’s National Cybersecurity Authority (NCA).
- Cryptocurrencies will threaten regional cyber security. From traditional cash to internal combustion, most inventions are insecure. The real question is whether cryptocurrencies produce more development, opportunity, and wealth than they risk.
But like with most technological advances, we won’t know for a while. A slowdown or even a halt to cryptocurrency is possible but not easy.
Nicolai Solling, Chief Technology Officer, Help AG
- We expect ransomware attacks to increase in 2022, aggravated by the development of ransomware-as-a-service, which has turned ransomware into a profitable business model.
- Malware is becoming much more capable and intelligent in terms of how it infects systems; traditionally, malware has involved the encryption of files, but we are now seeing file exfiltration, taking data outside the infrastructure.
- More attacks will target infrastructure rather than apps. Adversaries are fast attacking weaknesses in cloud infrastructures, software platforms, and third-party apps using technologies like automation.
In addition, these vulnerabilities will be used to launch supply chain attacks similar to the SolarWinds breach. - DDoS attacks have increased over the last three years, and we predict this trend to continue in 2022. DDoS assaults are one of the cybercriminals’ favorite ways to cause massive disruptions and financial implications for targeted businesses.
- The Banking, Financial Services, and Insurance (BFSI) sector are especially at risk. The industry experienced repeated DDoS attacks targeting BFSI customers with varying attack patterns across Q1, Q2, and Q3 of 2021.
- Energy companies are one of the primary targets in 2022, owing to their critical role in the national economy and security, as demonstrated by the Colonial Pipeline disruption earlier this year.
Gaurav Mohan, VP Sales, SAARC & Middle East, NETSCOUT
- Cybercriminals target all sectors, but emergency services, healthcare, water treatment, and local government are particularly vulnerable. Data breaches and ransomware seem to be targeting everything in 2022: health, food, and even children’s education.
- In 2022, we expect threat actors to use the global crisis’ weaknesses and develop new attack vectors to attack our new normal’s flaws. Their intelligence and motivation will enable them to develop new vectors or improve existing ones. Adaptive DDoS, triple extortion, and DDoS extortion attacks are expected to continue this year.
- Cryptocurrencies haven’t directly driven ransomware, but they have acted as an enabler, lowering the entry barrier for ransomware gangs and operators. The attackers demand a ransom once they have access to their targets’ data. The attacks are successful because the payment methods are untraceable.