Whilst any cyber attack is unpredictable, there are trends that hackers follow. Here are some of the main ones to be aware of in 2022.
1. Current event-based phishing attacks
Phishing is not a new tactic, however attacks are becoming increasingly sophisticated. By tapping into current news topics, scams can seem more convincing. This has been seen during the conflict in Ukraine, where a number of false charity drives have appeared, and also throughout the COVID-19 pandemic.
2. More sophisticated extortion techniques
Cybercriminals are using more psychologically advanced extortion techniques. Some attackers are now not only demanding ransom payments from their victim, but also from their customers if the victim doesn’t cooperate. The growth of attacks on supply chains emphasises the need for businesses to ensure that all companies they work with have a strong security culture in place. It’s no longer enough to just worry about your own cybersecurity.
3. AI increases scale and frequency
As technology becomes more advanced in helping us with daily tasks, it also helps hackers. AI models, often designed for legitimate purposes, are being adapted by criminals to launch spear phishing emails on a much larger scale, without the need for any advanced knowledge of the target or industry.
Voice cloning – using AI to mimic the people’s voices – is also being used successfully, tricking victims into believing they are sharing confidential information with their superiors.
4. Hybrid work creates new opportunities for hackers
More companies are allowing employees to work from home, however this is increasing the opportunities for cyberattacks. Many organisations don’t secure company phones or laptops with a connection to the company network, and collaboration tools, such as Microsoft Teams or Zoom, are increasingly becoming targets for attacks. As homeworking becomes the norm, employees are also becoming more relaxed with security guidelines, resulting in higher chances of errors.
The speed at which criminals are finding new ways to manipulate people and systems means businesses need to regularly adapt and update their security protocols to keep one step ahead.