Five business cyberthreats taking center stage in 2022

By scanning the horizon of cyberthreats, business leaders can stay ahead of each year’s changing roster of fraudsters, scammers and data thieves.

By scanning the horizon of cyberthreats, business leaders can stay ahead of each year’s changing roster of fraudsters, scammers and data thieves.

Every year, businesses face a changing threat landscape. It pays for leaders to know what the experts think will come next. If you’re upgrading your cybersecurity or looking for a new vendor, knowing what attacks are likely in 2022 will help you make the right choice.

It turns out our predictions for 2021 were on the money. So what should you and your colleagues plan for this year? We’re forecasting these four events that could have flow-on effects for other industries.

1.  Financial organizations will face more threats around cryptocurrency

Cryptocurrency keeps growing, and people will keep investing in it for many reasons, including its anonymity, which also makes it attractive to cybercrime groups.

State-sponsored groups have already started targeting the financial industry, and we think that will keep happening.

In the scramble for cryptocurrency investment opportunities, cybercriminals will use social engineering campaigns, fabricating and selling rogue devices with backdoors to steal financial assets.

More financial industry cyberthreats we’ll see in 2022

Are aliens the next big cyber-hackers?

Cybercrime in space

Cyberattacks happen in space more than you might think.

Read more

2.  Fake medical documentation will trouble healthcare

We saw the trade in faked medical documents like COVID-19 vaccination passports and test results in 2021. Fake vaccines were even spotted for sale on the dark web. As more countries roll out privileges alongside vaccination or test documentation, criminals will roll out more fakes.

Medical-themed bait has long featured in cybercrime. With the pandemic triggering increased use of online medical services, patients watch for notifications about test results and messages from doctors.

Spoofed medical notifications will catch anxious patients off guard, putting their private health data at risk.

More healthcare cyberthreats likely in 2022

3.  Governments will conflict and compromise with big tech

Governments are wary of big tech’s growing power and data hoarding. As states build more digital infrastructure for delivering services and deeper insights into their population, they’ll show more interest in what citizen data big business holds.

We’ll see more regulation, such as privacy and data localization laws, and regulation around how law enforcement can access data. Apple’s new system that scans devices for child abuse images shows the challenges of balancing user privacy against stopping crime.

More privacy predictions for 2022

4.  Industrial attacks will become more focused

In many parts of the world, a rapidly snowballing trend is laser-focused attacks, particularly on Industrial Computer Systems (ICS.) We’ve seen increasing theft of authentication data using spyware, with each attack directed at only a handful of targets. We think these kinds of attacks will make up an even greater portion of the threat landscape in 2022, and we’ll see the tactic used more widely.

These attacks show why industrial shop floors must be protected. Industrial internet of things (IIoT) devices are easily overlooked and often vulnerable.

More predictions for industrial cybercrime in 2022

5.  Ransomware attacks will get more targeted

2021 was a big year in ransomware, with a 30 percent growth in Ransomware 2.0, also known as double extortion. These attacks go beyond demanding a ransom to de-encrypt systems to using stolen sensitive data as leverage to pressure victims to pay up.

In November 2021, the US FBI warned ransomware actors are “using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections.” At these times, any leaked information could have devastating consequences, making victims more inclined to pay ransoms. In 2022, this type of extortion will become more common.

Regular, high-quality cybersecurity training for all staff is one of the best ways of avoiding falling victim to ransomware. Kaspersky is one of several organizations behind the No More Ransom initiative, providing free decryption tools and advice for ransomware victims.

More on ransomware activity in 2021

As your strategic plans for 2022 take shape, improving cybersecurity will no doubt be among them. Your business must adapt as cybercriminals’ ways and means change. These predictions will help you and your team be forewarned and forearmed.

Kaspersky SecureList

Stay up to date on the latest threats as they happen.

Threat updates

Suggested articles
Author info

Free report: Get cyber-prepared

Our research with Longitude, a Financial Times company, found three things cyber-prepared organizations do well. Sign up for Secure Futures emails and get the report free.