Under Attack? Breach Response Hotline: Call 833.997.7327 (US/CAN)

Cyber Threat Landscape

William Ekiss | December 10th, 2021


2021 was an unprecedented and altogether wild year regarding the cybersecurity and cyber threat landscape for many reasons: ransomware attacks rose over 100% from 2020, with the total cost of attacks approaching $20 billion dollars; most security breaches—upwards of 95%—were preventable and on account of human error; double, triple, quadruple extortion emerged as a commonplace tactic of threat actors; government entities were the most targeted sector for ransomware attacks; state-sponsored cybercriminal affiliates re-emerged or were strengthened across the globe with the likes of Hafnium, REvil, Lyceum, and Moses Staff.

Given the trends of this past year, it is fair to predict that 2022 will bring with it new developments and a continuously evolving cyber threat landscape. As such, here are my boldest predictions for 2022, which I implore you to consider as you resolve to strengthen the security posture of your organization in the new year.

7 Cyber Threat Landscape Predictions for 2022

  1. Threat Actors Will Continue to Steal Data

This might not be the boldest prediction, but it is something we should keep in mind for next year and beyond. The number of publicly disclosed data breaches in 2021 is in the range of 1300, which represents a 17% year-over-year increase. We can expect at least another 20% increase in data breaches with exfiltration by the end of 2022.

  1. Virtual Private Networks (VPNs) Will Be Heavily Targeted

 VPNs essentially create a private tunnel across a public network in which to hide personal data, internet activity, and IP address on any Wi-Fi network from threat actors. VPNs are certainly more secure than public Wi-Fi if properly configured, but they are not impenetrable. As remote work continues to expand, anticipate an increase in threat actors targeting VPNs. Like any network, VPNs can be compromised through known vulnerabilities, which act like holes in the security, after which threat actors can steal the encryption and decryption keys. Additionally, VPNs can experience a leak. We have seen this with the exposure of some 500,000 usernames, passwords, and IP addresses from multiple data leaks of Fortinet VPN users. For these reasons, and because businesses reliant on VPNs for remote workers do not quickly patch vulnerabilities, expect to see an exponential increase in VPN compromise in 2022.

  1. Data Theft Without Ransom Will Increase

 2021 saw a meteoric rise in ransomware because it is such a lucrative industry. Approximately 85% of all cybersecurity attacks in 2021 were financially motivated. I see this number decreasing over the next year. One reason will be the rise in state-sponsored attacks driven primarily by a political incentive like we have seen with the Moses Staff threat group targeting Israel in order to disrupt infrastructure and embarrass leadership. Furthermore, the robust and growing black market for personal identifiable information (PII) doesn’t require a large ransom to make a fortune. One example of this, which I fear we will see more of, was the extortion of individuals—rather than the organization itself—in the attack against patients at Finland’s Vastaamo psychotherapy center.

  1. Make Way for MFA

With COVID-19 came a rise in virtual offices with remote work occurring on work-issued devices. This trend also carried with it an increased risk of data compromise as organizations and their workers continue to rely on simple usernames plus password login credentials. Add on the fact that over 90% of malware is delivered via email, the most accessed work-related data source, organizations are increasing the likelihood of a breach or malware attack. The latest data suggests that 55% of businesses require the use of MFA (multi-factor authentication) for its employees. As we move through 2022, expect this number to rise significantly into the realm of 90%.

  1. Phishing Remains #1

Phishing scams will continue to be the most successful method of network access and data theft; human error will extend its streak as the primary way access and theft occur.

  1. The Year of Security Operations Centers as a Service

2022 will be the year of Security Operations Centers as a Service (SOCaaS). The current reality is that global conglomerates, small businesses, and every venture in between is increasingly susceptible to cyberattacks every day they operate. Most organizations do not have the staff, technology, or finances available to monitor all endpoints 24/7 with Incident Response experts. Combine this with the impressive benefits of Extended Response and Detection toolsets (SpearTip’s ShadowSpear Platform, for example, brings a 254% ROI and NPV of $1.91 million), and more and more organizations will realize their need for such a comprehensive and practical service. 

  1. Unpredictability

There is one fact I am most sure of as we adventure into 2022: it will be as unpredictable as 2021.


Bonus Prediction: Kansas City Chiefs Beat Green Bay Packers in Super Bowl LVI


Connect With Us

Featured Articles

IT Workers
Extra Advice on the IT Workers in North Korea
29 November 2023
Ransomware Attacks
The 10 Most Impactful Ransomware Attacks in History
27 November 2023
Cloud Backups
Security Strategy: Cloud Backups for Ransomware Protection
25 November 2023
Blog Images (15)
How To Maintain Personal Cybersecurity While Shopping Online
21 November 2023

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.