War, Pestilence, Famine, and Deepfakes: Cybersecurity Predictions for 2022

As a new year dawns and technology develops, there is a lot of hope for the future – and for science as a whole.

But in tech, new frontiers sadly present new risks. So, let’s ponder our crystal ball to see what might keep us in the cybersecurity community on our toes during 2022 and beyond. Hold onto your hats – it might get rough.

Cybersecurity Prediction 1: Cyber Attacks Will Become Part and Parcel of Global Conflict

Political tensions are rising around the world. As such, it’s sadly becoming increasingly likely that we’ll see cold war tactics heating up and boiling over.

However, nation states no longer have to be reliant on “traditional” warfare in order to take a stand. A new kind of battlefield is coming into view – an increasingly digital one. Rather than sending costly troops to risk their lives, targeted cyberwarfare threatens the digital wellbeing of the enemy – which naturally creates real life consequences. Just look at the Ukraine power grid hacks for proof.

As cyber-boffin Brian Krebs recently pointed out, internet routing (the means and methods that are used to keep data flowing around the globe) were actually built for an internet that was much smaller. Put very simply, much of the routing infrastructure we use globally relies on aging, increasingly precarious solutions.

Any disruption to a weak point within international routing infrastructure could leave whole swaths of the globe without access to the internet, disrupting banking, utilities, healthcare – basically all modern amenities we have come to rely on. The current global routing situation presents a unique single point of failure that could lead to mass disruption.

Cybersecurity Prediction 2: Nation States Will Amp Up Their Cyber Arsenal

An increased risk of cyberwarfare will naturally result in nation states keeping their cyber-armouries well stocked – both in terms of attack and defence. However, I think we can all guess which of those will be treated as higher priority.

This may sound like we’re edging on tin-foil hat territory here, but there is a very real precedent of state cyber attacks, set by the likes of Stuxnet, WannaCry, and BlackEnergy. In fact, a recent study backed by HP Inc. found that cyberattacks backed by nation states have doubled in the 3 years between 2017 and 2020.

But don’t think that because you aren’t the James Bond, Mata Hari, license to kill type that you’re off the hook. The same study found that an increasing number of businesses are coming under fire from nation state-backed hackers too.

Cybersecurity Prediction 3: Some Kind of Cyber Terrorist Attack Will Take Place

Now we go from dark to darker. Alas, it’s only a matter of time before this happens. However, we don’t think that this attack will necessarily come from any previously acknowledged terror threats or sources.

As social media continues to sow division and disharmony, our herd mentality gets stronger than ever. People can be “radicalised” in directions (and at a speed) we would have thought impossible just a few short years ago. Profit-focused algorithms, social echo-chambers, and manufactured outrage are eroding our capability to compromise and generally live and let live.

Our MD predicts that a major, activism-driven cyber-warfare-level attack is likely to take place over the next couple of years. His hunch is that this may be towards a large multinational organisation, possibly as retaliation for some kind of perceived (not necessarily actual) ideological wrongdoing or scandal.

Companies that genuinely do wrong need to be held accountable, of course, but I think we can agree that we desperately need more patience and harmony in the world. We’re all for peace and love here at Just Firewalls, man.

Cybersecurity Prediction 4: A Zero-Day Exploit Takes Down a Mainstream Cloud Platform

We believe that a major cloud provider – such as AWS, Azure, or Google Cloud – will see some sort of zero-day exploit lobbied at them, possibly leading to outages across the globe.

Though these organisations all maintain impeccable standards of security, there’s no such thing as a perfectly watertight security setup. Again, it’s only a matter of time before an opportunity presents itself to the wrong person.

Less than 24 hours after we decided to include this prediction, Amazon Web Services suffered a historic outage stateside that affected countless Amazon, Alexa, Ring, and Disney+ users. This wasn’t due to a cyberattack though; an automated function used to scale up server capacity unexpectedly caused a raft of unexpected activity across their networks, leading to severe congestion.

We’re glad that this outage was caused by something innocent but it does show that no system is perfect, even at the world’s third largest company.

Cybersecurity Prediction 5: More Cybercrime Will Target Cryptocurrency

Cryptocurrency is well and truly enjoying a heyday right now. There are more cryptocurrencies than ever, with more real money invested in them than ever, and new unusual solutions like NFTs getting everyone’s tongues wagging.

So with this in mind, we think it’s highly probable that criminals will seek to exploit the current crypto situation to make their own “to the moon” profits. They may target a single cryptocurrency, hack a widely-used crypto wallet tool, or reveal weaknesses in the next big crypto trend.

New cryptocurrency “coins” are cropping up all over the place at the moment. It’s highly probable that a coin set up quickly as a joke or just to make a quick buck may be poorly developed, with corners cut somewhere. The cybercriminal’s task is merely to find those security gaps and exploit them. Let’s not forget that coins themselves can be scams too. NFTs – crypto-based digital art sales – are already being ridiculed for the fact that people can just “right click, save as” or screenshot any image. Granted, art ownership is a little more complex than that, but future crypto trends may be more thoroughly scuppered by something just as remedial.

Cybersecurity Prediction 6: Scam Impersonators Get Better at Impersonation

Move over Alistair McGowan, eat your heart out Rory Bremner – scammers are the new impersonators in town, and they’re making big bucks too.

Many of us are now at least vaguely aware of scams that mimic the likes of the police, HMRC, banks, and retailers which shock recipients into complying. There are also scams out there where criminals impersonate well-known personalities like British consumer champion, Martin Lewis, and dubious choice for Time’s Person of the Year, Elon Musk.

If that isn’t bad enough, then it’s time for deepfake technology to enter the ring. A “deepfake” – a portmanteau of “deep learning” and “fake” – is an AI-driven technology that can synthetically replace a person’s likeness in a video or photo with someone else’s; with results that range from wryly amusing to downright disturbing.

If that isn’t bad enough, then it’s time for deepfake technology to enter the ring. A “deepfake” – a portmanteau of “deep learning” and “fake” – is an AI-driven technology that can synthetically replace a person’s likeness in a video or photo with someone else’s; with results that range from wryly amusing to downright disturbing.

Eventually, deepfake technology may become so accessible that scammers could impersonate normal people as part of their phishing scams – realistically mimicking employees, bosses, and even loved ones to manipulate victims into doing their bidding.

Deepfake phishing is already happening. Back in 2019, an audio deepfake (known as a “deep voice”) was used to mimic a CEO’s voice, which resulted in a fraudulent €220,000 transfer. And in 2021, scammers made off with $35 Million from an Emirati bank after tricking a bank manager with a voice-altered phone call. These are big-ticket fraud cases, but as the technology becomes more accessible, we may see criminals using deepfakes to scam your average Joe Bloggs on the street.

Cybersecurity Prediction 7: Deepfake Technology Becomes Weaponised

We predict that deepfake crimes will go far deeper than just phishing. Highly targeted video, created to mimic a politician, an influencer, or a trusted household name, could be used to manipulate the general public’s opinions; alter stock and crypto prices; elicit public panic (which isn’t that hard); or worse.

If someone deepfakes a major or controversial world leader, falsely depicting them announcing war or doing something unsavoury, how would that ripple across the world? On a micro scale, evil-doers are already pasting normal people’s faces onto disturbing violent and sexual content with worrying believability, and there are no laws in the UK (at the time of writing) to stop the perpetrators.

Could this be a new age of digital blackmail – warfare, even – based on false pretences?

Cybersecurity Prediction 8: AI Will Become a Hacker’s Best Friend

We foresee AI-powered tools becoming a handy helper for cybercriminals looking to create new malware and hack increasingly complex systems.

If you’ve ever had a brush with programming, you’ll know that there’s no worse feeling than when a piece of code just won’t do what you want it to. You feel like you’re hitting your head against a brick wall. This happens to hackers too as they try to hack into systems or create malware that will evade complex defences.

AI could serve as a battering ram to this wall, helping criminals create exploits that dodge security defences without them having to learn how to manually put that code together.

Remember how Microsoft Clippy would interject “It looks like you’re writing a letter – would you like help”? We foresee an artificially intelligent tool that could effectively ask “It looks like you’re trying to hack through a firewall – would you like help?”.

Given the doom and gloom, you’re probably looking for a silver lining somewhere in this article. Thankfully, we have one here: if criminals harness AI to work for them, the security community will likely have it as well; and we’ll be fighting fire with fire.

Background vector created by rawpixel.com – www.freepik.com

Cybersecurity Prediction 9: Cybercrime Will Continue to Shatter Records

According to Checkpoint, 1 out of every 61 organisations around the world were impacted with ransomware each week during 2021. Earlier in the year, Checkpoint reported a 97% year-on-year increase in cyberattacks on EMEA firms during May 2021 – a 21% increase since just January. SonicWall’s Mid-2021 report found that ransomware attacks were up 151%.

Cybercrime records are well and truly being broken left, right, and centre. We predict that this will only get worse in the coming 12 months. In particular, we foresee ransomware attacks growing exponentially, with surgically precise penetration and persistence tools at their core.

Cybersecurity Prediction 10: Supply Chain Attacks Will Continue to Grow

Supply chain attacks – cyber attacks designed to impact softer targets within an organisational supply chain – have been around for a while, but have seen a bit of a surge of late. During 2021, the Kaseya attack affected computers across the world by infiltrating a global MSP, and the Russian hacking group behind the well-known SolarWinds attack may be targeting similar IT and cloud providers who have high-grade security measures. Not even your humble neighbourhood Spar shop was safe from supply chain attacks!

Our boffins think that this trend isn’t going away soon.

Criminals enact supply chain attacks for a number of different reasons. They may wish to affect a specific organisation within the supply chain, they may wish to bring a particular industry to a grinding halt, or they may simply wish to create as much chaos as possible.

Bear in mind our predictions about nation-state and terrorist cyber-dalliances above; they may well involve some kind of supply chain attacks, compromising a single point of failure to create widespread misery.

So, umm… Happy New Year, everyone…? Stay safe out there.

Want more predictions? Head on over to WatchGuard for their 2022 cybersecurity predictions – in fact, some of our predictions could easily intermingle. Their prediction number 2 is out of this world…

Want to peer into our crystal ball? Probably not after such heavy predictions, but we’re happy to share our cyber-wisdom with you anyway – for free! Simply drop us a line or call 0808 1644414 to book a free cybersecurity review! It won’t take long and we may even be able to help you sharpen your defences using the tools you already have.

Book your review today!