With more attackers entering the market with malware-as-a-service campaigns, bad actors will continue to target the essential tools every distributed workforce is using. And we expect this to only get worse in the New Year. “This situation has reshaped the threat landscape and has created new opportunities for attackers to change their approach.
He said, “The shift to remote work has moved from a temporary measure to help curb the spread of the virus to a more permanent strategy for many businesses. Michael Gorelik is the threat officer and head of threat intelligence at breach prevention firm Morphisec. As these fraudsters continue to improve their ability to impersonate and mimic real people, it will get harder and harder for real people to tell what’s legitimate and what’s a ruse.” The Remote Work Trend Is Exploited “Their timing and writing style improving dramatically, to the point where even sophisticated security industry experts can be fooled. We’ve seen scammers get increasingly adept at impersonating C-level executives, colleagues, friends and family members. “In 2022, socially engineered scams will become even more lifelike. “In other words, we will see certain businesses faced with the dilemma, do we pay our supplier’s ransom, or can our operations afford and withstand our supplier’s downtime? The ripple effect of triple extortion ransomware attacks will force businesses to scrutinize and audit their supply chains’ access to their data and the security and policy controls surrounding their trusted relationships.” Scams Use ImpersonatorsĪrmen Najarian is the chief identity officer at Outseer, a company in Silicon Valley that's focused on stopping payment fraud. “Ransomware attackers won’t stop at extorting the victim organization for ransom, they will extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption. He said that, “In 2022, we’ll see more and more triple extortion ransomware, whereby a ransomware attack experienced by one business, becomes an extortion threat for its business partner.
Nick Rossmann is the global threat intelligence lead at IBM X-Force, a threat intelligence sharing platform.
#IBM X FORCE EXCHANGE CODE#
‘This malware will not be limited to any single type of exploit but rather have the ability to dynamically modify its code ‘in the wild’ to compromise a wide range of vulnerabilities that exist today.” Business Partners Receive Extortion Demands
He predicted that, “Extremely advanced, AI-driven, weaponized malware will emerge with the capability to circumvent most (if not all) of the defensive and detection security technologies used today. “This will not only impact how business leaders must think about risk but will also be leveraged by threat actors to increase the sense of fear and urgency during an incident.” Malware Is WeaponizedĬhris O’Ferrell is the chief threat officer of CodeHunter and a technology executive with over 35 years in the cybersecurity industry. “We are likely to see the continued expansion of syndicated and franchised criminal operations, increased dedication to ransom as a primary means of monetization, and continued adoption of new technologies such as deep fakes to make social engineering more effective. Cyberthreat intelligence expert Ross Rustici, a managing director with StoneTurn, predicted that the threats in 2022 “are likely to be evolutionary rather than revolutionary.