2022 will see the cyber cold war intensify – cybercrime set to become a $10-trillion industry
The worldwide information security market is forecast to reach $170.4 billion in 2022, according to Gartner. This is due, in large part, to organizations evolving their defenses against cyberthreats — and a rise in such threats, including in their own companies. Cybersecurity Ventures expects global cybercrime costs to grow by 15% annually over the next five years, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015.
This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined. If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion globally in 2021 — would be the world’s third-largest economy after the U.S. and China.
According to the Identity Theft Resource Center (ITRC), a United States non-profit organization founded to provide victim assistance and consumer education, the number of data breaches publicly reported in 2021 has already exceeded the total for 2020, putting the immediate past year on track for a record year.
A Cybersecurity Ventures analysis predicts that there will be a new attack every 2 seconds, as ransomware perpetrators progressively refine their malware payloads and related extortion activities.
Experts also expect banking attacks to rise globally in 2022. This includes compromising a system through Remote Access Trojan (RAT), a tool used by cybercriminals to gain full access and remote control on a user’s system, including mouse and keyboard control, file access, and network resource access.
Supply chain attacks will become more common, and governments will begin to establish regulations to address these attacks and protect networks. They will also work at collaborating with private sectors (as well as other countries) to identify and target more threat groups operating on a global and regional scale.
The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred, such as Codecov in April, and most recently, Kaseya. Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.
When money becomes purely software, the cyber security needed to protect against hackers stealing and manipulating bitcoins and altcoins is sure to change in unexpected ways. Check Point Research (CPR) investigated OpenSea and proved it was possible to steal crypto wallets of users by leveraging critical security.
Beyond Enemy Lines: Cyber
State-sponsored cyber-attacks represent one of the biggest threats in 2022.
According to some geopolitical experts, countries are already at war in cyberspace, while sabre rattling is going on in the conventional battle theaters of eastern Europe and South China Sea. State-sponsored groups will continue to target the cryptocurrency industry in 2022, according to a report by cybersecurity firm Kaspersky.
Such attacks are different from regular cyber-attacks. In these, an enemy state or very often the victim’s nation-state is believed to be targeting the user, because they are perceived as a threat. According to Kaspersky researchers, state-sponsored groups have also started targeting the cryptocurrency industry as well.
The cyber cold war is intensifying, and taking place online as more nation state actors push western governments to continue to destabilize society. Improved infrastructure and technological capabilities will enable terrorist groups and political activists to further their agendas and carry out more sophisticated, widespread attacks.
The Rise of the Cybersecurity Superpowers
Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally. State-sponsored cyberattacks from Russia, China, Iran, and North Korea will remain the biggest threats to the world. Russia will maintain an aggressive posture, with a sustained emphasis on targeting NATO, Eastern Europe, Ukraine, Afghanistan, and the energy sector.
The US government attributed the UNC2452 attack (also referenced as the SolarWinds supply chain compromise incident) to Russia, which demonstrates Russia has the ability to achieve widespread impact. We expect supply chain and software supply chain environments to continue to be targeted by Russia next year. Additionally, UNC2452’s manipulation of authentication methods in hybrid cloud/on-prem environments highlights innovative tactics, leading us to believe the level of sophistication and scope of Russian operations will expand.
Iran will use its cyber tools in a much more aggressive manner to promote regional interests. Information operations attributed by the US to Iran in 2020 and 2021 demonstrated more aggressive tactics than previously seen. Iran will also continue to target Israel and others in the Middle East.
They have shown their capability and willingness to use destructive malware, so we expect them to take advantage of any opportunities that are presented. Ultimately, we’ll see Iran trying to create more of a power balance shifted to its own interests. We have seen them targeting abroad, but their targeting will most likely be regional throughout 2022.
China will continue to be very aggressive, supporting the Belt and Road Initiative using cyber espionage. Now that the Ministry of State Security (MSS) and the People’s Liberation Army (PLA) have completed most of their reorganization, their operations are going to become much more focused.
China has shown a willingness to scale their operations and take steps that they were previously unwilling to take. As geopolitical tensions continue to rise, the big question is: When are we going to see China flex some of their known but as-yet-unused destructive capabilities?
North Korea, with its geographical, international, and financial challenges, is willing to take a lot of risks. In 2022, we expect to see North Korea flex its cyber capabilities to make up for its lack of other instruments of national power. The North Korean cyber apparatus will continue to support the Kim regime by funding nuclear ambitions and gleaning strategic intelligence.