Reality check: Cyber criminals will always look to exploit new opportunities to extort, steal or defraud people and organisations. It’s nothing personal of course; they’re out there to make money like the rest of us. It’s a game, and in the pursuit of winning, they really don’t care who they hurt or what collateral damage is inflicted, just so long as people pay up.
Framing the increasing cyber crime problem like this helps put things into perspective, in that it helps people understand that the problem isn’t going away, whether by sweeping it under the carpet, by going into denial or by refusing to acknowledge within a company that it happened and that things need to improve. Cyber crime is as much here to stay as viruses like the common cold and, we dare to say, Covid.
Whether a software virus is infecting systems or employees are committing white-collar criminal acts through the misuse of company IT infrastructure and systems, cyber crime is a virus and it should be treated exactly the same way. The remedy, though, is our own natural immune system – not in the health sense, but our innate ability to ‘feel something isn’t right’ and a good awareness of the attack vectors cyber criminals are likely to use against us.
The similarities with natural viruses continue, and given our rapid appreciation for the impact on quality of life and personal freedoms, it’s perhaps a good analogy to follow. For instance, if a viral infection is detected in a medical environment, people suit up, as much to protect themselves as to not contaminate the environment further. The same can be said about a cyber crime investigation, where a forensic approach is taken in examining the digital environment to understand how the infection got in and how it is behaving. If you don’t treat the event forensically, you risk contaminating the scene of crime and rendering the data gathered useless for legal use. How companies and even people respond to an attack is as much part of the problem as it is the cure.
Cybercrime is set to see explosive growth over the coming year and beyond.
This year, 2022, will continue to see the world plagued by natural viruses (if indeed Covid was natural) and those of a digital nature inflicted deliberately by human hands. We won’t speculate on the growth statistics for cybercrime, as that is a foregone conclusion: it is growing fast and will continue to do so. However, a better view of the impact of cyber crime is to look at what people and companies are doing about it, as this is what directly affects a company’s bottom line and, importantly, trust in the company or organisation. For instance, banks have fared poorly here for some time. However, all industry sectors are increasing their cyber security budgets over the next three years, for example:
- Financial services: 15%
- Consumer services: 20%
- IT and Technology: 17%
- Manufacturing: 20%
- Telecoms: 15%
Another indicator is the growth in employment roles associated with countering the cyber threat. Chief among these is the cyber security analyst. A US labor department report recently forecast these positions to grow by over 30% over the coming decade.
Overall, industry sources suggest that the global market for cyber security products and services will grow to around $350B by 2026.
Investment in countering cyber crime
Increasing numbers of firms are investing in internal positions dedicated to securing the workplace and IT infrastructures against cyber threats. Even smaller businesses are now looking to their IT providers and consultants to assist them in safeguarding their operations.
World wars have yielded many new and advanced technologies, not just for a war effort either. Technologies and inventions created out of fear and necessity have found their way into everyday life, most notably materials and computers. In an odd kind of way, the war against cyber crime is having a similar impact because:
- It’s taught users and developers alike not to take things for granted.
- It’s making developers think more proactively and in much greater depth about actual usage scenarios for the products they create. Every new product that has a digital aspect to it is a potential gateway for cyber criminals. Just look at the impact of the discovery of a fundamental security flaw in Intel microprocessors. Such flaws allow determined criminals to gain access to the underlying subsystems of such devices, totally circumventing inbuilt security.
- It’s teaching laypeople and everyday consumers of online services more about the services they take for granted each day and to be extremely cautious about their personal security and online activity. This has driven considerable improvements in online systems, applications and computer hardware and software and, most of all, in awareness, making it more difficult for the simpler online scams and phone scams to succeed. After all, a scam requires a minimum of two parties – the scammer and the victim; you can’t control the scammer, but you can control whether or not you become a victim.
- Such trends have created new opportunities in consumer devices and employment.
As with a conventional war, it’s obviously better if these things never happened, but the fact of life is, they do; it’s human nature. The choice is simple: accept and take charge or deny and fall victim.
Cybercrime trends for 2022 and beyond
Here’s a list of some of the challenges we see in 2022, which have been reported on in the industry press too.
Covid has ushered in a new era of home working
Home working is probably too simplistic a term, because what has really happened has been an attitude shift in the strategic view of flexible or hybrid working. Employers have for years resisted allowing employees to work from home, except under certain circumstances. Today, however, they have been forced to implement this. The choice now is whether to continue once restrictions are fully lifted. Many employers have found the practice to be workable. Indeed, the slow shift in this direction over the past few years has seen the rise of a new type of worker, the ‘peripatetic’ worker – a mobile worker or even a digital nomad.
Naturally, this work force scenario has introduced considerable complications in security. Remote access is a high-profile attack vector for cyber criminals. Considerable effort has to be spent to ensure that a remote or mobile work force has security implemented as tightly as possible – from ensuring mobile computing devices are tied down with the latest security software, to the use of secure VPNs, and even counter-surveillance technologies for those employees with more sensitive roles that require extended travel and who might become the target of a hostile state action or competitor espionage.
The threat of weaponisation
Not too long ago this was the stuff of Sci-fi or horror movies, where technology is turned against its masters. Perhaps this may seem a little dramatic for most digital users, but not so much for those operating critical infrastructure, where recent cyber attacks have sought to cause disruption and injury. It’s not hard to see how determined attackers could increasingly target consumer products to wreak similar havoc – perhaps by giving false or life-threatening misinformation, or by directly hacking essential services. This is a growing problem.
Social media engineering
As we have seen in recent times, many people get their news from social media. For some, social media is their only trusted source of information, because it comes from their friends’ interpretation of events. However, it’s easy for those so inclined to use social media for manipulative purposes. Whether this is state-sponsored interference in geo-politics or manipulation at a local level, the danger is there and has already been experienced.
Social engineering attacks, using phishing techniques, have seen huge growth over the past few years, never more so than during Covid lockdown, as people desperate to interact fall easy prey to manipulative schemes seeking to tease out sensitive information, allowing scammers to build a profile of their target victims.
Deep fake schemes have proliferated as artificial intelligence technologies have become more accessible. Synthesising the appearance, speech and mannerisms of those individuals people have come to trust and rely on is now mainstream. This presents real challenges for those whose identities are being faked, but none more so than for those who use the information without questioning its authenticity.
Such are the dangers of social media that complacency can present to those who take for granted much of what they read or see – often simply because they want to see or hear what is presented to them. Worse still are those, perhaps with a conspiracy mindset and a need to be heard and seen, who propagate such fake information without a moment’s thought.
Here’s some food for thought in a socially engineered environment. A quote by Seneca the Younger, a Roman Stoic philosopher, is worth reflecting on. He said:
“We are more easily led part-by-part to an understanding of the whole – Facilius per partes in cognitionem totius adducimur”.
Today this can easily be reinterpreted as “Social media more easily leads us part-by-part to an understanding somebody else wants us to have”.
This is an area of cyber crime that continues unabated, and a favoured route to extort victims. This attack vector persists even though the viruses that enable it are well known. The increasing penetration of Internet-of-Things (IoT) devices will likely yield even greater opportunities for this type of attack as interconnectivity improvements reveal weak spots in infrastructure, such as the APIs (application programming interfaces) such devices use, their implementation and strategy.
A greater reliance on software applications that need personalised information to be effective is another route ransomware attacks can come from. While most people are familiar with the idea that you can turn on your PC and find a message from an extortionist informing you that your PC hard drive has been encrypted and you need to pay them a sum in Bitcoin, fewer people are familiar with the attack vectors extortionists can take through hacking into software applications used for daily life.
Cloud computing attacks
In the relentless search for information access optimisation to improve efficiencies in data access, many companies have turned to cloud-based services (SaaS) and storage. This is true for many industries, especially where distributed information processing and information access for a global operation is an essential source of competitiveness.
For instance, even at a small business level, website developers and operators are likely better off serving certain web assets from cloud-based services, as this yields improvements in speed for visitors in other countries, who are able to access data and the assets necessary for the website’s operation from a server local to them.
More and more individuals are being encouraged to upload all their personal photos and general day-to-day information to services like Google Drive, Dropbox, Amazon, etc. All of these services are vulnerable to ransom attacks or basic data theft as they rely on an individual’s approach and attitude to personal security. Steal a simple password, or guess it through their social media activity or a phishing email, and the person’s life can be stolen or held to ransom. The same is true for an organisation.
Supply chain attacks
While cloud computing is an example of this, the increasing threat comes from the vulnerability of managed services and their providers as a whole. While such operators may provide broad website services or connectivity services, there are those that offer cloud-based SaaS (Software as a Service) products. The financial sector has plenty of examples in this area: any online accounting service, such as those marketed by Xero, Sage, Oracle, Microsoft, etc., presents such opportunities. Their APIs and user access interfaces present opportunities for attack, whether directly or through user complacency.
Attack opportunities may also arise through companies offering online logistic services as part of a firm’s manufacturing operations. Often these companies run logistics for many companies and so a breach in their services could cause widespread disruption.
2022, just like years gone by, will present an evolving set of cyber crime challenges for individuals and businesses alike. Now is not the time to be complacent.
Unlike a certain pandemic virus, we do have a good degree of control over the vulnerability we have to cyber crime. While we will certainly have to live with both ‘viruses’ in the coming years, simple education and awareness, such as the act of ‘being present’ when conducting ourselves online, is the key to mitigating many of the risks presented by cyber criminals.
Whether you are personally using the digital world as part of your daily life or are an employee of a company using or providing digital services, the effectiveness of any counter cybercrime activity, system or software relies on the operators and users being present and aware of the inherent dangers present daily. Ultimately, the weakest link is the human element; the responsibility rests here, and it is the key to not becoming a victim.
Cyber crime outlook for 2022
As cyber criminals look to further their gains in 2021 and take advantage of new technologies, our obsession with social media and distributed, cloud-based operating infrastructures, we consider some of the cyber crime attack vectors likely to be most prevalent in 2022.