10 Security Trends and Predictions for 2022

As we get ready to welcome 2022, this past year has left a big impression on the security landscape. Given what we’ve experienced recently, what will 2022 bring?

At any moment, there are both worst-case scenario attacks happening—including the Cuban-based ransomware attack last month that has compromised 49 U.S. infrastructure organizations¹—and lesser security threats causing minimal damage. You have to be ready for either. Hackers aren’t going to slow down in 2022 since they’re now part of a multibillion-dollar industry. We have to assume they’ll use every tool, skill set, and vulnerability they can to keep their revenue streams healthy.

That said, I want to share what I believe are some of the top security trends to watch in 2022:

“Connected” or “smart” buildings could be new targets. Building access systems have already been in the sightlines of hackers, and security professionals have already pointed out serious vulnerabilities in smart building control systems that hackers could exploit. The convenience of having lighting and window blinds controlled by IoT sensors could easily become a point of entry for online criminals.
Cybercriminals will continue to innovate and evolve. Remember, they’re skilled at adopting the same technology tools we use to make our own organizations more efficient and competitive. Also, as bad actors study the threats that encourage targets to pay ransom quickly, they may adopt attacks that cause even more damage when organizations don’t pay, like physically erasing data or destroying core infrastructure. At worst, attackers could even focus on causing physical harm to people by interfering with IoT health devices or hospital devices.
Ransomware will only get more creative and even more damaging. In 2021, we learned about newer ways for attackers to use ransomware against organizations—like “cyber espionage” (see more below), in which hacktivists steal data to expose it publicly, often for political or issue-based reasons. There’s also “intermittent encryption ,” in which hackers only encrypt alternate bundles of data to escape detection. The bottom line is that ransomware creators haven’t exhausted ideas for wreaking havoc on their targets.
Data is not only stolen but also sold. If organizations decide not to pay a ransom, attackers might not stop at simply locking out access to data. We’ve seen these “double extortion attacks” for a while now, where attackers exfiltrate and encrypt data, then sell it off online. Of course, attackers are now brainstorming ways to add even more pain for targets, with triple, quadruple, and even quintuple extortion. The latter attack includes damaging the company’s brand, stealing processing power to mine cryptocurrency, and threatening executives with doxxing.
Supply chain disruption will continue. Expect more supply chain disruptions as hackers continue to target supply chain software, putting third-party vendors and providers and their customers at the hackers’ mercy. Also, strategic attacks will focus on targets that have more to do with operations than data. Hackers want to compromise OT environments (or have companies shut them down themselves, causing an outage) to bring about more widespread disruption.
“Cyber espionage” is really a thing. Cyber espionage is a new spin on ransomware in that the attackers who seize data don’t usually want money—they want your data so they can expose it publicly. Hackers do homework to identify the biggest payloads from their targets, such as classified, sensitive data, or proprietary, intellectual property. Example: In October 2021, hacktivists published a huge haul of data stolen from a live streaming site, including all of the site’s source code. They wanted publicity for their message, not ransom money.
We’ll learn to treat data as a first-class citizen. If data is so valuable, why aren’t we working harder to keep it safe? Apparently, we’re on the way to getting better at it. As IDC notes, “By 2024, due to an explosion of edge data, 65% of G2000 will embed edge-first data stewardship, security, and network practices into data protection plans to integrate edge data into relevant processes.”

And why do we need to be smarter and more skilled stewards of our data? In addition to all of the reasons cited above, the bad guys are as innovative as the good guys. We need better visibility into data, and we need fail-proof backup and recovery systems that keep business going even if attackers do get a foot in the door.

Government oversight might throw a wrench into security strategy. Your best-laid security strategy plans could go awry if you have to adhere to compliance and government regulations. Data compliance rules have become tighter—and depending on the business you’re in, so have government regulations around the use and retention of sensitive personal information.
Quantum computing could crack encryption—eventually. Quantum computing could accelerate dramatic breakthroughs in science and health. In the wrong hands, quantum computing could also accelerate the likelihood of damaging hacker attacks since bad actors would be able to crack encryption much faster and with far less effort. It’s still a ways off but a fascinating one to watch.
Hackers will home in on data with the greatest value. Naturally, all data is not equal, as hackers are well aware. That’s why data from the healthcare industry has been such a lure in past ransomware attacks. Given the growth of cyber espionage (see #6 above), we also think it’s likely that corporate trade secrets and other intellectual property will prove tempting. Hackers broke into a global professional consulting provider over the summer and threatened to sell insider data if a ransom wasn’t paid.

Bottom line: We can’t predict the future or the next big ransomware attack, but we can be ready. A big part of readiness and responsiveness is having the right data security infrastructure to bounce back quickly from any threat. Make 2022 the year you’re ready for anything with backup and recovery solutions from Pure Storage.