The events of the last two years have turned on the projector on the theme of IT security, which with smart working that becomes a new reality becomes even more important. So let’s analyze what the experts define as the main risks of cybersecurity del 2022. And the possible ways to defend yourself.
The main cybersecurity risks of 2022
At the end of 2020 comes the attack on SolarWinds, which the Microsoft president described as the most sophisticated hacker attack of all time. Then a year in which news of ransomware blocking major companies and hackers stealing personal data followed one another. All in a historical moment where the horizon of the office has widened: it smart working has involved many, bringing new possibilities and comforts. But also by increasing the area that security experts have to defend: even the WiFi in your home can become an access point to your company.
But what will be the most difficult challenges for next year? What will the cybersecurity risks of 2022? But above all, how can we defend ourselves? Experts seem to have clear ideas about it.
Ransomware remains a major problem, even next year
The first news is not new but highlights a trend that has exploded over the past 20 months. In the first three months of 2021 there were more ransomware attacks than there have been in all of 2019. And according to a PwC study, in 2022 this cybersecurity risk will increase again: 61% of experts think so.
The ransomware closes the data behind a cryptographic wall which you can only unlock by paying a ransom to hackers, usually in cryptovalute. Usually, the attack happens through another notorious tool: the phishing via email. A misleading email convinces an employee to download the ransomware to a PC. From there, the danger spreads to the servers and locks your data. Recently, cases of ‘direct’ attacks via USB have also increased, especially for the most sensitive companies (healthcare, infrastructure, defense).
The security company Yarix he explains to ANSA: “In 2022 we expect ransomware attacks based on a four-level extortion model to continue:
- make victim data unusable by asking for a ransom to regain access,
- threaten to disclose the data and to return publish the violation,
- threaten to target the victim’s clients e attack la supply chain, that is, its technology suppliers with the aim of manipulating
- compromise the infrastructure and the source code of the software “.
The most effective answer, in this case as for the main cybersecurity risks of 2022, remains the education. If your employees can recognize phishing, you will keep ransomware away in the vast majority of cases. Informed users fall into the trap up to eight times less. But immediate backup solutions for continuity can be a safe solution for companies that can afford it.
Risks for cybersecurity 2022: attention to the Internet of Things
There are more and more devices connected to the corporate network. And it’s not just the fault / merit of smart working. According to forecasts, there should be well in 2022 18 million IoT devices (Internet of Things) connected. From sensors on the production lines of large companies to smart speakers in our homes, they are important resources. But also more devices for hackers to attack.
At the home level, attacks on devices such as smart TVs or refrigerators, which have less protection than PCs, and then connect to the home network. But the great risk is also towards the sensors and connected machinery of Industry 4.0.
Some companies are using “digital twins“, Which connect machinery to the cloud that normally would not be. In all these cases, there are specific solutions to defend the perimeter that continues to expand. But the first step is a check of all the devices and protections in place. Beyond the application of a protocol “Zero Trust“: All devices attempting to connect must first be verified. Also and above all for critical devices: think of cars connected to the network.
Data theft on the cloud, especially prominent personalities
The digitization of data, with the shift more and more towards the cloud, carries a security risk. Businesses know this and therefore try to compensate by increasing security, while continuing to take advantage of the convenience of finding their data online.
Private clouds are just as secure, with Google and other companies becoming more and more secure they ask for two-factor controls and greater safety. But cybersecurity education still remains patchy and many experts believe phishing via text as well as email could increase next year.
According to Yarix researchers, there will be more data theft especially among celebrities e influence, “In order to broaden the media phenomenon”.
Cybersecurity: responses will also improve in 2022
While it is true that an increase in ransomware and supply chain attacks for companies, as well as data theft for individuals, is expected. the answers are becoming more sophisticated.
According to Capgemini, two out of three companies now thought that artificial intelligence is fundamental for IT security. Behavioral analysis can stop some types of attacks in the bud. For example, if a user sends a large number of emails with suspicious attachments, the AI can infer that it is malware to work and stop the operation. Or it can signal users who perform risky actions: who do not use complex passwords to access the corporate network or who often log in with different devices. This makes it possible for IT teams intervene to educate them on cybersecurity, before it becomes a risk.
Furthermore, according to Gartner, by 2025, 60% of companies will choose their supply chain partners using IT security as the first criterion. Something that will increase attention to cybersecurity for direct market needs: those who want to do business must invest in security.
Finally, according to Security Magazine in 2022 also the States they will pay more attention to cybersecurity. We have already seen this in Italy, where a political reorganization is taking place to deal with cyber threats. And in the next year all over the world new rules on cybersecurity should become law. A dutiful intervention: this year the cybercrimes are cost 6 trillion dollars to the main world economies.
Beyond the forecasts of the experts, one trend is already certain: IT security will return to the center of the news again next year. The hope is that it will make the news for the response of individuals, companies and institutionsrather than the misdeeds of cybercriminals.