Expect a cybercrime feeding frenzy in 2022

Issue 1 2022 Information Security

South African CISOs are making cyber resilience a top priority again this year and with good reason: 2022 looks set to be a feeding frenzy for cyber criminals. All indications are that this year could set new records in terms of the volume and ferocity of cyber-attacks.


Doros Hadjizenonos.

FortiGuard Labs’ predictions for 2022 indicate that cyber attackers will be aggressively targeting fresh victims and attack avenues, with organisations scrambling to defend themselves from attacks on every front. Attacks will be launched on everything from crypto wallets to satellite services, from the core to the edge.

Research by FortiGuard Labs last year showed an almost 11x increase in the number of ransomware attacks between 2020 and 2021, with continued growth expected this year.

But the volume of attacks is not the only thing to be concerned about. Until fairly recently, most cyber-attacks have targeted known vulnerabilities, but there are now indications that cyber criminals are redoubling their efforts to find and exploit new vulnerabilities.

As the potential attack surface continues to expand, cyber criminals will be looking to target every possible attack vector, such as new hybrid networks and work environments, remote workers and evolving connectivity options and new business-critical applications being deployed in the cloud.

Fortiguard Labs predicts new exploits targeting satellite networks over the next year and has begun to see new threats targeting satellite-based networks, such as ICARUS, which is a proof-of-concept DDoS attack that leverages direct global accessibility to satellites to launch attacks from numerous locations.

FortiGuard Labs also sees new edge-based challenges emerging. As edge devices become more powerful, with more native capabilities and more privileges, Fortinet experts expect to see new attacks designed to 'live off the edge'. Malware living in these edge environments will use local resources to monitor edge activities and data and then steal, hijack, or even ransom critical systems, applications and information while avoiding detection.

Given the recent attacks on critical infrastructure, FortiGuard Labs also expects to see more cybercriminals targeting operational technology (OT) systems, with the emergence of highly specialised tools that are now being packaged as attack kits on the dark web for this purpose.

FortiGuard Labs also expects to see a spike in new attacks including Linux platforms, expanding the attack surface further, out to the network edge.

Because cybercrime is proving wildly lucrative, with the US Treasury's Financial Crimes Enforcement Network (FinCEN) reporting nearly $600 million in ransomware pay-outs in the first half of 2021 alone, the challenge will be compounded by the expanding crime-as-a-service market, with new criminal solutions likely to emerge, including phishing and botnets-as-a-service and an increase in the sale of access to pre-compromised targets.

Protecting your network

If your network and security tools are not ready to work as an integrated, proactive cybersecurity mesh architecture to protect your organisation from the next generation of threats now, tomorrow may be too late to make the critical changes you need.

A cybersecurity mesh architecture integrates security controls into and across, widely distributed networks and assets. Together with a Security Fabric approach, organisations can benefit from an integrated security platform that secures all assets on-premises, in the data centre and in the cloud or at the edge.

Defenders will need to plan ahead now by leveraging the power of AI and machine learning (ML) to speed threat prevention, detection and response. Advanced endpoint technologies like endpoint detection and response (EDR) can help to identify malicious threats based on behaviour. Also, zero-trust network access (ZTNA) will be critical for secure application access to extend protections to mobile workers and learners, while Secure SD-WAN is important to protect evolving WAN edges.

Organisations are also strongly urged to harden their Linux systems and OT environments, including adding tools designed to protect, detect and respond to threats in real-time. They also need to take a security-first approach when adopting new technologies, whether upgrading Windows systems or adding satellite-based connectivity, to ensure protections are in place before adding them to the network.

In addition, segmentation will remain a foundational strategy to restrict lateral movement of cybercriminals inside a network and to keep breaches restricted to a smaller portion of the network. Actionable and integrated threat intelligence can improve an organisation’s ability to defend in real time as the speed of attacks continues to increase.

Meanwhile across all sectors and types of organisations, shared data and partnership can enable more effective responses and better predict future techniques to deter adversary efforts. Aligning forces through collaboration should remain prioritised to disrupt cybercriminal supply chain efforts before they attempt to do the same.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.