5 Cyber Crime Trends For 2022

Over the past few years cybersecurity has become a great concern for organizations and enterprises worldwide, as no industry is spared from cyber-attacks. With each year cyber criminals get smarter and quicker at revamping their operations to follow new, more sophisticated cyber crime schemes - from ransomware to nation-state threat actors, and it doesn’t look like it’s going to change in 2022.

 

Experts estimate that since 2018 the cost of global cyber crime has reached over $1 trillion. Cyber crime increases because it can be safe and profitable and occurs in an environment that is constantly expanding because many people and organizations rely on cyberspace to conduct their daily lives and business operations.

 

1. Data breaches

 

Successful cyber-attacks most often result in data breaches with hackers stealing valuable information belonging to a victim organization or its customers. According to a recent report, the number of publicly reported data breaches increased 14% in the first quarter of 2022, with around 92% of data breaches resulting from cyber-attacks. There were 404 breaches in the first three months of 2022, up from 354 in the same period of 2021, with the majority of them stemming from phishing/smishing/BEC (business email compromise) and ransomware attacks.

 

To gain access to an organization’s network or data hackers often leverage valid credentials obtained via various methods like phishing, malware, social engineering, abusing known vulnerabilities, or simply buy stolen account logins on the dark web marketplaces - hidden websites where criminals can acquire and sell stolen personal information, such as credit card numbers, bank account passwords, Social Security numbers, medical records, driver’s license data, and other data.

 

Dark web is an invisible area for organizations and businesses because it is a hidden part of the Internet only accessible via special software such as the Tor browser. However, by using dark web monitoring services organizations can reduce business risk, detect data breaches in a timely manner, and protect their intellectual property and reputation.

 

A 2019 survey revealed an interesting detail - 36% of respondents  believe that identity theft services can remove their personal data from the dark web, and 37% believe that such tools can prevent people who buy their personal information on the dark web from using it. But in reality, dark web monitoring may be able to alert consumers that their stolen personal information is being offered for sale on the Internet, but it can’t prevent the data from being sold.

 

2. Advanced phishing

 

Phishing has always been among the most dangerous cybersecurity threats and, despite the continuous development of new anti-phishing techniques, such attacks are still effective and many still fall victim to phishing schemes.

 

Phishing attacks commonly occur across email, mobile, or social media, and involve fraudulent messages designed to look like they came from a reliable source. The goal of such attacks is to obtain sensitive information like credentials, banking details, etc. According to a 2021 report, phishing attacks account for around 90% of all data breaches, and, more importantly, phishing ranks as the second most expensive cause of data breaches (an average of $4.65 million).

 

 

3. Ransomware

 

Ransomware is an ever-growing cyber threat for thousands of organizations and enterprises worldwide as it is one of the most potentially damaging and costly types of malware attacks. It is predicted that the cost of ransomware attacks worldwide will exceed $265 billion by 2031.

 

Recovering from ransomware attacks cost businesses $1.85 million on average in 2021, and only 8% of organizations got all of their data back after they paid a ransom.

 

 

4. Supply chain attacks

 

Supply chains are an attractive target for both cyber criminals and state-sponsored hackers (so called advanced persistent threat groups) because for the former they provide an opportunity for double-extortion attacks (for example, the 2021 Kaseya ransomware incident), and the latter can use supply chain attacks as part of cyber-espionage campaigns (the 2020 SolarWinds compromise).

 

In 2022, threat actors will continue to target the supply chains of enterprises, which give them new avenues into greater numbers of potential victims. Experts predict that 45% of organizations worldwide will have experienced attacks on their software supply chains by 2025, a threefold increase from 2021.

 

 

5. Cryptojacking

 

With the growth of the cryptocurrency market cryptojacking attacks, in which cyber criminals use hacked computers to mine for cryptocurrency, significantly increased. In fact, cryptojacking attacks surged last year, rising 19% globally to 97.1 million.

 

Cryptojacking malware isn’t designed for data theft, but it consumes system resources and network bandwidth, impacting performance. However, it also may come with additional malicious payloads that compromise systems.

 

Data-stealing ransomware, sophisticated phishing, and supply chain attacks are among the critical threats to organizations nowadays. With the evolving threat landscape it’s crucial that organizations stay aware of the cyber crime and cyber security trends so they can be proactive and able to efficiently harden their cyber defense.