How do you know if your customers are ready to survive and thrive in 2022? Who knows what the year will throw at us? More importantly, how do you make sure that their teams are ready, so their business is one of the survivors? Unfortunately, the predictions I’m going to share with you today may not give them all the answers, but they will be a good starting point so they’re better prepared for the discussions to come. It might seem challenging and even scary at first for some customers, but it will set them on a path towards better and more secure ways of working that can help their organisation prosper and build its cyber resilience in 2022 and beyond.
1) Phishing scams will be bigger and scarier than ever
Phishing scams have been around for ages. But they are evolving, becoming even more sophisticated and harder to detect. I started MailGuard in the year 2000, and now in our 21st year providing world-leading, cloud email security, I continue to be gob-smacked at how clever and sneaky some of the scams are. Phishing, of course, refers to any kind of scam that asks people to give up sensitive information by responding to fake emails, texts or pop-ups on their computer.
There are many permutations, depending on whether team members are accessing business or personal services and whether they are on a company device or their own, and the advent of working remotely has added even greater complexity and expanded the potential attack surface exponentially. But the basic premise remains the same: cybercriminals will pretend to be a trusted brand or service, hoping that their targets are busy and distracted and that they may overlook a small grammatical error, or a different sender email address. Many times, an effective attack can be near impossible to spot, and often businesses and individuals don’t even realise that they’ve been compromised.
Once the perpetrators have successfully harvested their credentials, they may just sell them on the dark web, or they may use them to perpetrate a crime, like financial or identity fraud or theft, or simply to gain access to other connected services on their company network. Indeed, if they have access to their email credentials, they may just monitor their emails until they figure out the most lucrative way to leverage them. For example, if they’re in a senior management function or a finance team member, they may send their customers or other supply chain partners a change of account notice, or substitute invoices for payment into fraudulent and untraceable accounts.
Indeed, as one cybercriminal famously bragged, “Once I have your credentials, I am effectively you, online. I can access your social security number, your banking and finance information, and your social media accounts. I can chat with your friends and family, and colleagues. I can see your calendar, your instant messaging, and your email accounts, so I know all your movements. And I can delete any of the communications that I send on your behalf to eliminate any trace that I was ever there.” It’s truly frightening stuff and more than just the innocuous spam that we all find so tiresome.
2) Ransomware will take on more vicious forms
Ransomware is a big threat right now, but that threat will only grow over time. In fact, it’s hard to imagine where cybercriminals could take ransomware attacks beyond encrypting every bit of data on a user’s system and asking for money to decrypt it. There are certainly more damaging types of attacks out there than basic ransomware, and it's inevitable that they will evolve and proliferate in the coming year. We have heard much talk of an escalation in attacks from bad actors that are sponsored by nation-states targeting critical infrastructure, but they may also have a broader target with the simple goal of undermining key sectors of an economy and causing societal unrest. The same is true for supply chain attacks, as we have seen with the Kaseya attack, SolarWinds, Toll Group, Colonial Pipeline and so many others. The impacts are far more widespread than the initially targeted company.
3) Hackers will strike, either physically or virtually
Some people may think that we’ve reached a peak of cyber risk. Unfortunately, I don’t believe them. Why? Because hackers won’t give up. As Microsoft CEO Satya Nadella says, "It's a trillion-dollar problem." It's a global industry that is enormously lucrative and until now relatively free from prosecution. They want your customers’ data and they will keep trying to get it, one way or another. So, if your customers are in any industry with sensitive or confidential information on a corporate email account or a corporate cloud system (and they probably are), then they need to be prepared for a breach of their IT infrastructure.
And given the size of the prize, we know they will stop at nothing, even if that means physical or virtual attacks. There have been documented instances of hackers buying corporate work-wear from thrift shops in order to physically enter premises and gain access to a corporate network. At the more technologically advanced end, there have been instances of drones and similar devices being flown onto building roofs and into other locations in order to be proximate to services on the network that are more easily hacked. In essence, we must be prepared for anything, because the size of the prize means that nothing is out of the question for our adversaries.
4) New types of ransomware will continue to emerge
From some of the earliest forms of ransomware like CryptoLocker, to better-known variants like WannaCry, which famously impacted hundreds of thousands of businesses in over 150 countries, to Bad Rabbit, which is installed through a fake Adobe update, or Cerber, which targets the 300M+ Office 365 users worldwide, one thing is certain: ransomware is here to stay and it will continue to evolve. It’s a lucrative business, with sophisticated organized crime syndicates and malicious amateurs alike purchasing kits on the dark web and securing databases of innocent victims in order to launch attacks every day. There are even 24/7 support lines for the criminal customers of some of the ransomware-as-a-service vendors.
5) New forms of phishing emails will be discovered
Phishing has been around for years, but it continues to be one of the most effective ways that criminals can hack into businesses, be they small to mid-sized companies or larger enterprises. Whether it’s through an email or a text message, expect hackers to continue finding new ways to get around your customers’ defences.
Phishing attacks come in many forms, from bill scams masquerading as a phone company or energy utility, to a consumer service like Netflix or a software vendor that they use every day like Microsoft 365 or Gmail. Or, a cybercriminal may phish for sensitive information from employees by sending out emails that appear to come from C-level executives asking for payments to be made, or seeking passwords and account information.
But with so many of us working remotely and spending enormous amounts of our time on social networks and messaging services, from everyday personal and business email through to TikTok, Facebook, Twitter, Instagram, Snapchat, WeChat, and so many more, the opportunities to insert a message that will dupe customers into revealing sensitive info are astounding. We spend more than 2.5 hours per day on average on social media, and it's projected that by 2025 there will be over 4.4 billion people using the platforms. And by 2023, it's projected that there will be close to 350 billion emails sent and received every day. That's an enormous number of people waiting to be tricked, so this is a problem that's not going away any time soon.
6) Cyber Security Awareness Training is mandatory
No matter your job function, it’s vital that we all take a few minutes to learn how to spot suspicious emails and other cyber risks. For example, did you know that 1 in 6 phishing emails contain ransomware? Security awareness training should be a staple for all of your customers’ employees. It will help protect both them and your customers’ businesses from sophisticated cyber-attacks that can be crippling to an organization.
Fortunately, the naïve views of the past that cybercrime is an IT problem, or that it won’t happen to us, are fast becoming a thing of the past. Most progressive businesses now understand that cybercrime is here to stay and that it can happen to anyone. Cyber security awareness is just one more arrow in their quiver, helping to empower their frontline to be a proactive layer in their defences.
7) Mobile devices remain vulnerable despite security updates
Although security software updates have made mobile devices significantly safer than they were a few years ago, it's not uncommon for users to delay applying these security updates for weeks or months after their release. This leaves many mobile devices at risk of malware, ransomware and phishing attacks, among other potential hazards. If their teams are using mobile devices or tablets for work purposes, be sure that they mandate updating the software regularly and restrict staff from downloading unsecured apps or visiting unsafe websites, especially while connected to public Wi-Fi networks.
8) Endpoint protection remains critical
Any time employees send email, they open a vulnerability to attack. In fact, by 2022, 75% of cyberattacks will use malicious links within an email to gain access to an organization’s network or data. Attackers can spoof email addresses and domain names to make emails look legitimate; that makes people much more likely to click on a link without thinking twice. They may also be lured into opening infected attachments from phishing emails that appear to come from colleagues or customers. All it takes is one click, and attackers have gained control over their systems. But effective endpoint protection is critical for securing devices—and today, multiple solutions exist for businesses to stop threats before they happen.
9) Password and Identity Management will be vital
In 2022, modern password management, including mandated 2FA or MFA, will be essential. Likewise, with a zero-trust stance, it will be imperative for companies to implement effective identity management, or identity and access management solutions. Identity management, also known as identity and access management (IAM), is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and data management. As companies become ever more complex, and as demands on network access, controls over services and best practice password management become greater, in 2022 these systems must become a must-have for every business, and every executive and infosec professional worth their salt will be a firm advocate.
10) Email will remain the number one vector for cyber attacks
Cybercriminals will still rely on email as their number one attack vector. 350 billion emails each day is too much of an incentive, especially when so many individuals and companies alike remain cavalier about the risks. It’s the simplest, most effective way to trick staff into doing something that could put their organisation at risk. And the cost and effort associated with launching an attack are lower than ever. As we head into 2022, don’t expect cyberattacks to suddenly move on to other platforms; threats will still come most frequently via email. It’s why experts recommend a multi-layered approach to keep your email secure. Whether your customer is using Google Workspace, Microsoft 365 or any other platform, a specialist layer of advanced email threat protection from a cloud-based vendor like MailGuard will provide a substantial boost to their defences.
Are your customers Cyber Ready for 2022?
Cyber threats are real, and many experts believe they’ll only get worse. We don’t have to look far back to see attacks that decimated businesses and even countries: WannaCry and NotPetya (Ukraine), Sony Pictures Entertainment (USA), Ashley Madison (Canada), Anthem Insurance Company (USA), DNC breach/email leaks (USA). That’s just a snapshot of some major cyber attacks that impacted organisations around the world. Don't let your customers’ organisations be next.