Cryptocurrency-fuelled ransomware attacks, metaverse-related attacks, exploitation of flaws in application programming interfaces (API), and critical infrastructure attacks are among the key threats expected in 2022, according to Palo Alto Networks, a global cybersecurity company.
“Cybercriminals are getting richer than ever as cryptocurrency fuels the ransomware economy,” said Ian Lim, field chief security officer for Japan and Asia-Pacific at Palo Alto Networks.
“Cybercriminals will have more funds and resources to launch bigger attacks on critical infrastructure.”
Over the past year, Asia-Pacific has seen a significant increase in ransomware attacks, he said.
The “2021 Unit 42 Ransomware Threat Report” by Palo Alto Networks found the average ransom paid by an organisation in the first half of 2021 was US$570,000 — an 82% increase from the year before, demonstrating how cybercriminals continue to profit and dominate the cyberthreat landscape, said Mr Lim.
According to him, shameware attacks in which cybercriminals exploit data by inflicting reputational damage on targets who do not accede to their ransom demands will increase.
A second threat is related to the upcoming mixed reality and the metaverse. Greater usage of Internet of Things devices that foster the convergence of the physical and online worlds could create greater exposure to cyberattacks, said Mr Lim.
“As we enter the era of Web 3.0, we will be interacting with smart devices that have intuitive and sensory triggers such as geolocation, computer vision, and biometric or commands,” he said.
Web 3.0 will make data breaches and other cyber-attacks a lot more impactful, as these attacks are on cars, buildings and physical lives, and could lead to far-reaching consequences in the real world, said Mr Lim.
Tatchapol Poshyanonda, Palo Alto Networks’ Thailand country director, said the API economy will usher in a new era of digital fraud and exploitative behaviour. Any security misconfigurations in APIs could be exploited as an entryway for cybercriminals to gain access to personal data, manipulate a transaction, or shut down a key service, he said.
Another trend involves critical digital infrastructure attacks. Cybercriminals are forecast to carry out more attacks on crucial digital infrastructure for confidential and lucrative data, said the company.
“In Thailand, financial, utility and healthcare are the top three sectors that should prepare for attacks on their critical infrastructure,” said Mr Tatchapol.
The final trend involves more attacks on the computers of individuals who spend more time working at home. Mr Lim suggested businesses embrace a zero-trust mindset as they need to “trust nothing and validate anything”.