Last year was an unprecedented one for cybercrime. The volume and severity of cyberattacks rose sharply, with many high-profile events taking place amid one of the more challenging periods in American history. As the COVID-19 pandemic caused organizations around the world to rapidly shift from in-office to remote workplace models, serious vulnerabilities in corporate IT were revealed — or introduced through hastily acquired tools and a dearth of cybersecurity talent.

The security experts at our global network of Cyber Protection Operation Centers (CPOCs) are always monitoring the cyberthreat landscape, identifying patterns and issuing recommendations. We’ve compiled our insights from 2021 — and predictions derived from the latest threat activity — into the "Acronis Cyberthreats Report 2022," a free and important resource for cybersecurity professionals.

As 2022 hits its stride, stay alert for these trends:

1) The continued evolution of ransomware
Ransomware has dominated news headlines in recent years, and it's already one of the most profitable forms of cybercrime. There's little reason to expect a change in 2022.

Threat actors will ramp up their attacks, already widespread on Windows-based systems, against other platforms. The increasing prevalence of macOS devices in the workplace presents new opportunities for cybercriminals, as does cloud infrastructure (90% of which is powered by Linux) and the Internet of Things (72%). It has already started: Malware threats against Linux rose by 35% in 2021 alone.

The continued growth of ransomware will lead to devastating impacts in the real world and to greater demand for official regulations and sanctions. Law enforcement has struggled to keep up with evolving cybercrime strategies, and this challenge may only worsen. New methods and tactics (such as smaller-tier groups) will permit threat actors to circumvent criminal investigations as they extort more businesses and organizations.

2) A rise in attacks on cryptocurrency and other blockchain assets
As many cryptocurrencies soared in value over the last year, attacks on cryptowallets and exchanges have increased significantly. We expect this trend to continue throughout 2022.

End users have struggled with credential-stealing phishing attacks and malware that swaps cryptowallet addresses in memory, causing victims to inadvertently redirect funds to attackers’ accounts. Coinbase, the largest US cryptocurrency exchange, reported that 6,000 of its customers fell victim to fund-draining phishing scams last year.

Our experts predict more attacks being waged against the programs at the heart of cryptocurrencies. Strikes against Web 3.0 apps, built on public blockchains, are likely to rise as well. This opens up new opportunities for sophisticated tactics like flash loan attacks, which may enable cybercriminals to drain millions of dollars from cryptocurrency liquidity pools.

3) Smarter phishing tricks and tactics
Email is already a major attack vector, with malicious messages responsible for 94% of all malware delivery. The dominance of phishing has increased with the prevalence of remote workplace models. Training users to recognize and avoid phishing is helpful, but users continue to fall victim — and it only takes one successful attack to compromise an entire organization.

Personalization isn't limited to marketing and customer service approaches. Automation allows attackers to create personalized messages with information mined from corporate websites and social media, making it tougher to identify a malicious message. Don’t expect any improvements on this front in 2022 — it’s too profitable for attackers. The hijacking of legitimate email services for spam campaigns is similarly worrisome, as victims struggle to recognize cyberthreats when coming from "trusted" sources. As cybercriminals try to bypass common anti-phishing tools, look for business email compromise (BEC) attacks to target alternative messaging services, such as text messages, Slack, and Teams chat.

4) An explosion in data breaches, especially owing to IT environment complexity
We're likely to see many large-scale data breaches in 2022. Despite an increase in data privacy regulations, the number of reported incidents will rise — largely because companies don't know where all their data is stored and how it can be accessed.

Complexities in IT environments, especially cloud services and storage, make data management and privacy compliance a challenge. Attackers are taking aim at cloud services and APIs to disrupt processes. Automated data exchange from IoT devices and machine-to-machine communications has increased the spread of data dramatically and will continue to do so.

Data breaches often have cascading consequences. In addition to the financial and reputational harm they cause to victims, the information mined from leaks can be used to tailor future attacks more effectively. As this trend grows, the danger for companies increases as breaches to their infrastructure can impact partners and customers. This makes attacks more than an IT nightmare; they’re also a PR one.

Protect Your Data From Today's Cyber Threats
To better prepare for the modern threat landscape, businesses and IT service providers should look to consolidate IT tools and move toward integrated solutions — an approach that can help to minimize supply chain attacks and enable more rapid reaction and recovery times. MSPs alone use an average of four vendors. Add in the sheer volume of tools being used by the average business, and this can seriously complicate management efforts while potentially opening up devastating security gaps.

Integrating data protection and cybersecurity practices into one approach will help your team consolidate efforts and reduce threat points. Learn more about Acronis’ cyber protection solutions for businesses and IT service providers.

About the Author

Candid_150x125.jpg

Candid Wüest is the VP of Cyber Protection Research at Acronis, where he researches new threat trends and comprehensive protection methods. Previously, he worked for more than 16 years as the tech lead for Symantec's global security response team. Wüest is a frequent speaker at security-related conferences, including RSAC and AREA41, and is an adviser for the Swiss federal government on cyber-risks. He holds a master's in computer science from ETH Zurich and various certifications and patents.