Security News

Working from home and crypto hype to be exploited in 2022

Grace Macej 14 Dec 2021

Audio deepfakes, optimized ransomware campaigns, and crypto malware are on the horizon in 2022

As 2021 draws to an end, we’d like to examine what the digital landscape of 2022 has in store. In the new year, our team foresees cybercriminals making advancements to ensure the effectiveness of ransomware, a continuation of cryptocurrency scams, heists, and cryptomining malware. We also anticipate attacks abusing companies with work from home policies in place.

Ransomware gangs will step up their game next year

The US’ Financial Enforcement Network, FinCEN, reported that the total value of suspicious activity related to ransomware in the first half of 2021 was 30% higher than the amount filed for all of 2020. This year, vital businesses such as Colonial Pipeline, JBS (one of America’s largest beef producers), and Swedish supermarket chain, Coop, were affected by ransomware.

Avast researchers predict the global ransomware crisis to deepen in 2022, with further attacks on critical infrastructure, such as aviation. In order to better target businesses, our team believes that cybercriminals offering ransomware as a service (RaaS) will improve affiliate models, including adding ransomware designed for Linux, better payouts, and building upon extortion layers. Furthermore, we expect attacks to be carried out by company insiders.

In terms of ransomware attacks against consumers, Avast Malware Research Director Jakub Kroustek says, “Two years ago, the most successful ransomware gangs began shifting their focus from spray and pray-like attacks on consumers to focusing on targeted attacks on businesses. We expect this trend to continue, but also anticipate a resurgence of ransomware targeting consumers, with cybercriminals adopting some of the techniques used to attack businesses, like using multiple layers of extortion, such as data exfiltration followed by doxing. In order to do so effectively, a significant amount of automation will be required to identify valuable data, due to the larger number of individual targets, and their systems being more fragmented data sources.”

“We also wouldn’t be surprised if more and more Mac and Linux users were to fall victim to ransomware, as malware authors have begun to consider these platforms when writing their code, in order to target a wider audience and thus maximize their profits.” 

Cybercriminals will continue to collect digital currency

With Bitcoin reaching a new all-time high in 2021, we can expect a continuation of the use of cryptomining malware, crypto-related scams, and malware targeting cryptocurrency wallets, as well as heists on exchanges, in 2022. 

“Cryptocurrencies like Bitcoin have risen in popularity over the past years, and experts believe their value will continue to rise in the next few years. Cybercriminals go where the money is and so they will continue to spread mining malware, malware with wallet content-stealing capabilities, scams related to the trend, and will continue to carry out heists on exchanges,” says Kroustek.

Work from home will keep company doors open for cybercriminals

While some aspects of public life have returned to normal (or at least a hybrid version of what society was pre-pandemic), working from home is likely to continue. Working from home provides employees and companies benefits; however, poor implementation in terms of network security set-ups will continue to put companies at risk.

Misconfigured VPNs especially without two-factor authentication leave businesses particularly vulnerable, as they are basically a locked door protecting extremely valuable information that would be better protected with a second lock or in a safe. This scenario gives cybercriminals easy access into a company’s network if they can either get their hands on login credentials or can crack them.

Another work from home related risk is employees downloading company data onto their personal devices, which may not have the same level of protection as their company-issued device.

Furthermore, Avast experts predict audio deepfakes will be used in spearphishing attacks. Criminals will use deepfake audio to imitate an executive or other employee to convince someone to grant them access to sensitive data or to a company’s network. Cybercriminals may have more success with deepfake audio due to the fact that many people are still working from home. This means that they’re unable to see that the person on the phone really is at their desk typing and not on the phone with them, and additionally, they don’t have the ability to confirm the person’s request by physically going over to them.

How to protect yourself from attacks going into 2022

“No one should assume they are immune to cyberattacks, regardless of the operating system they use and the amount of technical expertise they have software producers included,” explains Kroustek. “Supply chain attacks, like the attack on Kaseya that spread ransomware to its clients, happen time and time again and will continue to occur. It is, therefore, vital devices be protected with security software”.

Patching will continue to be essential when it comes to combating ransomware and other attacks that propagate via unpatched software. Attackers will exploit vulnerabilities more frequently, even for commodity malware like cryptominers.

Stick to official sites and app marketplaces when you’re downloading software and updates to avoid malware and scams, and be sure to read reviews carefully to catch any red flags. Moreover, avoid clicking on suspicious links, such as links sent from unknown senders, regarding purchases that you didn’t make or accounts that you don’t have. Look out for any links that don’t match the service being referred to in messages.

Finally, in terms of actions that police forces can take to combat and eliminate the source of attacks, Avast experts foresee Infrastructure as a Service (IaaS) to be used more frequently, with malware authors primarily focusing on their malware, rather than the infrastructure it lives on. This could allow police to take down IaaS in an effort to dismantle entire malicious operations.

It’s now time to wave goodbye to 2021 and welcome in 2022. In the new year, we will continue to deliver on our commitment to digital freedom, shaping the digital landscape to be a fairer, freer, and more equitable place for all.