
Advanced Persistent Threats in 2022: What to Expect Next Year

Kaspersky researchers presented their vision of Advanced Persistent Threats (APTs) for 2022, showing how the targeted attack landscape will change in the coming months. The growing politicization of cyberspace, the return of low-level attacks, the emergence of new APT players and the growth of attacks on supply chains are some of the researchers’ predictions.

The changes in the world in 2021 had a direct effect on how sophisticated attacks will evolve in 2022. Based on trends that the Kaspersky Global Research and Analysis Team (GReAT) observed throughout 2021, researchers prepared a forecast to help the IT security community prepare for future challenges.

The private sector will welcome new APT players
This year, the use of surveillance software developed by private vendors, especially as exposed by the Pegasus Project, changed the perception of how likely zero-day attacks on iOS are. Researchers also observed developers of more advanced surveillance tools increasing their intrusion detection and anti-analysis capabilities, as in the case of FinSpy, and those tools being used in the wild, as was also the case with the Slingshot framework.

The potential of commercial surveillance software – access to large amounts of personal data and broader targets – makes it a lucrative business for those who provide it, but also an effective tool in the hands of cybercriminals. Thus, Kaspersky experts believe that the providers of this software will expand into cyberspace and provide their services to new “actors” of advanced threats until governments start to regulate their use.

Other threats predicted for 2022 are:

  • Mobile devices will be exposed to more sophisticated attacks. Mobile devices have always been an attractive target for cybercriminals: smartphones travel with their owners everywhere, and each one stores a large amount of valuable information. In 2021, we saw more zero-day attacks on iOS than ever before. Unlike on a PC or Mac, where the user has the option to install a security package, on iOS such products are either limited or simply non-existent. This provides extraordinary opportunities for APTs.
  • More attacks on supply chains. Kaspersky researchers paid particular attention to the frequency of cases where cybercriminals exploited weaknesses in a vendor’s security to compromise that vendor’s customers. Such attacks are particularly profitable and valuable because they give access to a large number of potential targets. For this reason, attacks on supply chains are expected to increase in 2022.
  • Continued exploitation of remote work. With remote working, cybercriminals will continue to use employees’ unprotected home computers as a way into the company’s network. Social engineering to steal credentials and brute-force attacks on business services to gain access to poorly protected servers will also continue.
  • Increase in APT intrusions in the META region, especially in Africa. Geopolitical tensions in the region are increasing, which means that cyber espionage is also on the rise. Furthermore, new defences in the region are constantly improving and becoming more sophisticated. Taken together, these trends suggest that the main APT attacks in the META region will target Africa.
  • Increased attacks against cloud security and outsourced services. Several companies are adopting cloud computing and software architectures based on microservices running on third-party infrastructure, which is more susceptible to cyber-attacks. This will make more and more companies the target of sophisticated attacks in the coming year.
  • The return of low-level attacks: bootkits are in fashion again. Due to the growing popularity of Secure Boot among laptop users, cybercriminals are forced to look for new vulnerabilities in this security mechanism, or exploits for it, in order to circumvent it. Thus, an increase in the number of bootkits is expected in 2022.
  • Governments are clarifying acceptable cyber-attack practices. There is a growing tendency for governments to denounce the cyber-attacks they suffer while at the same time carrying out their own attacks. Next year, some countries will publish their cybercrime taxonomy, distinguishing the types of acceptable attack vectors.

“There are dozens of events happening every day that are changing cyberspace. These changes are quite difficult to track and even harder to predict. However, for several years, based on the knowledge of our experts, we have been able to predict many future trends in the cybersecurity world. We believe it is crucial to continue to monitor activities related to APT, assess the impact these targeted campaigns have, and share our knowledge with the wider community. By sharing these predictions, we hope to help users be better prepared for the future of cyberspace,” says Ivan Kwiatkowski, Senior Security Researcher at Kaspersky.

The APT predictions were developed thanks to Kaspersky’s threat intelligence services, which are used around the world. These predictions are part of the Kaspersky Security Bulletin (KSB), an annual series of predictions and analytical articles about key changes in the cybersecurity world.
