As 2021 draws to a close, it’s time for cybersecurity experts to cast their runes and forecast what to expect for consumers and practitioners over the coming year.
Cybercriminals will go from identity theft to identity fraud, predicted Identity Theft Resource Center in San Diego.
Bad actors accumulate personally-identifying information, but they don’t use it to target consumers as much as they used to. Rather, they use it in credential attacks against businesses, explained the nonprofit dedicated to minimizing risk and mitigating the impact of identity compromise and breach. criminality.
The increase in fraud will lead to another development in 2022: Consumers are opting out of certain types of online activity, the ITRC has predicted.
“Continuous improvement in the ease and quality of phishing attacks will force some consumers to rethink their online shopping and change their communication habits for fear of falling prey to emails, websites or texts. perfectly falsified, “the ITRC said in a press release.
“Some people are likely to opt out of emails altogether because they think the risk is too great,” he added. “It could lead to a return to ‘old fashioned’ communications like telephone and postal mail.”
Malware on the decline
The center also predicted that malware will stabilize as the root cause of data breaches over the coming year and that re-victimization rates will increase.
Ransomware can catch up with or overtake phishing-related breaches as the number one cause of data breaches, he noted, while supply chain attacks will push malware out as the third leading cause of data breaches. data breaches.
The number of consumers repeatedly victimized by online scammers continued to increase in 2021 and this trend will continue in 2022, the ITRC observed.
“Single incidents that target multiple individuals or organizations will impact more victims in all communities and geographic areas,” the center predicted.
“The takeover of social media accounts, in particular, will leverage individual subscribers and networks to create new channels of victims,” he added.
Another attractive area for digital bandits in the coming year will be cryptocurrency scams, according to To look for, a San Francisco-based mobile phishing solutions provider.
He cited figures from the Federal Trade Commission which showed from October 2020 to May 2021, consumers reported losing US $ 80 million in cryptocurrency investment scams, with a median loss of 1,900. $. That’s 12 times the number of reports from the previous year, Lookout noted in a corporate blog.
“Because cryptocurrency accounts are not government insured like the US dollar, and cryptocurrency payments are not reversible, the risk to consumers is particularly high,” he explained.
“With people embracing crypto at high speed, scams will continue to grow in sophistication, prevalence and value as bad actors scramble to get people to donate their currency,” he added. .
Targeted home networks
Another development in 2022 will be the increased use of home networks as infrastructure for hackers, predicted Ilia Sotnikov, vice president of user experience and security strategist at. Netwrix, creator of a visibility and governance platform for cloud environments in Irvine, California.
“A home network is much easier to infect with malware than a corporate IT environment secured by professionals,” he told TechNewsWorld.
“With the increase in processing power and bandwidth connectivity in residences, home networks will become more attractive to bad players,” he said.
“For example,” he continued, “by infecting many devices, they will be able to dynamically change IP addresses or even domain names during malware campaigns, thwarting common defenses such as IP blocking. and DNS filtering “.
Sotnikov also predicted that there would be more attacks on managed service providers. “The attackers used a very effective strategy to gain access to large organizations – through the relatively weaker IT infrastructures of the SMEs that provide services to them,” he explained.
“As a result, managed service providers will need to increase both the breadth and depth of their security measures, as many SMBs rely on them for their security,” he said.
Zero Trust Growth
At the enterprise level in 2022, securing hybrid clouds will become an imperative of Suite C, said Nicholas Brown, CEO of Hitachi identification systems, an access governance and identity management company in Calgary, Alberta, Canada.
He also predicted that zero trust networks, which require continuous authentication and monitoring of network behavior, will saturate hybrid cloud security infrastructures.
“Traditional VPNs and perimeter-based security are on the way out, arguing for zero trust networking to continue to grow and dominate conversations about hybrid cloud security,” he told TechNewsWorld.
“With the increased implementation of SaaS, the makeup of organizations’ networks is more vulnerable to attack, increasing the need for parameterless protection such as a zero trust architecture,” he added.
As Zero Trust grows over the coming year, so too will the use of identity access management systems, said Michael Bunyard, IAM Marketing Manager at WSO2, an open source integration provider in Santa Clara, California.
“CISOs will make IAM the cornerstone of their zero-trust security initiatives, especially for cloud-native organizations,” Bunyard told TechNewsWorld.
“While there is no one-size-fits-all solution that will make Zero Trust a perfect reality, IAM is the necessary starting point that will initiate good cybersecurity hygiene during application development, worker management remotely and controlling IoT deployments, ”he said.
Democratization of security
Another development in 2022 will be the increased importance of security at the edge of the business, predicted Jennifer Fernick, global head of research at the CNC Group, a cybersecurity consultancy firm in Manchester, UK.
“As IoT devices proliferate, it’s critical to build security into the design of new connected devices themselves, as well as the AI and ML that run on them,” she told TechNewsWorld.
“Taking a cyber-aware approach will also be crucial as some organizations begin to use 5G bandwidth, which will increase both the number of IoT devices around the world and the size of attack surfaces for them. users and producers of IoT devices, and the myriad of networks they connect to and the supply chains through which they travel, ”she said.
Next year, a major development in the business sector will be the further democratization of security.
“The tradition of having a single identity or security administrator is rapidly diminishing,” Bunyard observed.
“Democratization of security will take place, ensuring that everyone within an organization is familiar with best security practices and is able to do their part to prevent a breach of security,” he continued. .
“No one will be able to say that security is not my job anymore. Developers, in particular, will have to wear multiple hats as the tech skills shortage intensifies, ”he said.
“It also means that cybersecurity will have to make its way into the coding curriculum to give new software engineering graduates more security skills,” he added.