Ransomware Predictions for 2022

The new year is traditionally a time to consider the future and set down new goals and directions for life. In the IT world, it is also a time to make predictions for the coming 12 months.

Let’s take a look at ransomware and how it is likely to evolve. What are the ransomware predictions for 2022?

1. More Ransomware

The European Union Agency for Cybersecurity’s latest ENISA Threat Landscape report recorded a distinct rise in ransomware over the past year, and expects that trend to continue, and even accelerate, in 2022. With a 150% rise in 2021, that doesn’t bode well for enterprises in the coming year.

2. More High-Profile Victims

2021 saw a series of high-profile victims of ransomware. These included Colonial Pipeline, Kronos, JBS, and Kaseya. SolarWinds could perhaps be added, but it began at the tail end of 2020.

This year, expect an even longer list. Ransomware has become the primary security threat for businesses. Groups like DarkSide, REvil, and BlackMatter are not only terrorizing organizations, they are also getting smarter and more organized.

According to an analysis by Kela, hacking groups have formulated the ideal U.S. victim:

  • Annual revenue of at least $100 million
  • Not from verticals such as education, government, healthcare or non-profits
  • Preferred access types are VPN, remote desktop protocol (RDP), and tools from Citrix, Palo Alto Networks, VMware, Fortinet, and Cisco.

Someone on the dark web can sell access to such companies for up to $100,000. That shows you just how lucrative this criminal enterprise can be. Expect an even longer ransomware “hall of shame” in 2022.

3. Ransomware Inc.

Ransomware has morphed from a few scruffy petty thieves operating in basement or attic apartments into a series of organized crime syndicates. Not only is there strength in numbers, there are economies of scale, as well as business advantages in developing a food chain and supply chain among cybercriminals.

These days, we have the lower levels pounding away via phishing emails and other scams, hoping to burrow into some juicy target. They, in turn, sell these leads and points of access to bigger fish and so it goes. There are even hacking development communities that create new viruses, trojans, and ransomware code. It’s getting sophisticated.

4. Multi-Vector Attacks

Yes, the bad guys want a ransom. But they have moved beyond being one-trick ponies. As well as money, they threaten reputations by exposing attacks, blackmail companies about exposing corporate or personal dirty laundry, or sell intellectual property (IP) to a competitor.

The smaller hackers and hacking groups will go after the small fish. But the more organized entities will target big fish and go after them in multiple ways.

5. Protection Money

Protection money used to be a simple thing. A couple of hoods would show up, and explain that your store could get robbed, or burned to the ground – that you needed protection. If you paid them, they could ensure those things didn’t happen to you. If you refused, they would beat you up, break some windows, or torch the premises – and then widely publicize the fact in the neighborhood to instill fear.

Those same tactics are now being expanded to the virtual world. Expect to hear more about organizations paying hacking groups to be left alone. If you don’t pay Luigi, the hacker, expect phishing to ramp up, ransomware demands to come thick and fast, and havoc to reign against the enterprise.

The Best Insurance

As these trends continue and accelerate, cyber-insurance is gaining momentum. But rates continue to climb. The best insurance against ransomware is to ensure that all systems and endpoints are adequately patched by Syxsense Secure.

Syxsense lets you easily manage unpatched vulnerabilities with the click of a button. It includes patch supersedence, patch rollback, and a wealth of automation features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches, as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution. It also incorporates vulnerability scanning to detect weaknesses that could lead to a ransomware attack if unmitigated.