Cybercrime Trends in 2022 and Beyond

In this article:
    Add a header to begin generating the table of contents

    Cybercrime has long been an issue for private businesses, citizens, and the public sector. New threats that have emerged over the past few years have also resulted in an increased focus on information security. It’s vital that organisations take cybersecurity seriously, and the statistics are there to back this up:

    • Every minute, $2.9 million is lost to cybercrime1
    • The average cost of a single ransomware attack is $1.85 million2
    • The average ransomware demand climbed 82% since 2020 to a record $570,000 in the first quarter of 20213

    Cybersecurity and data protection needs to be a priority for businesses, otherwise, the consequences can be devastating. That’s why staying up to date with current cyber security trends and continually adjusting your cybersecurity posture is critical.

    Today, we’re going to examine some of the emerging trends in cybercrime that businesses should be on the lookout for. Let’s dive in.

    Protect your business from the
    threat of ransomware

    Use our instant quote generator to get the best prices on security solutions that will protect your data from ransomware

    #1: Vulnerabilities from continued remote working

    Multiple cybersecurity risks have emerged due to the fact that many employees in traditional office jobs have spent a significant amount of time working at home over the last two years. While everyday life is largely back to normal, remote working is here to stay.

    Despite the benefits remote working has to offer, it does create security vulnerabilities that leave an organisation open to attacks. For instance, phishing has long been a prevalent form of cyberattack, but it became the most widespread and most high-profile cybersecurity threat of the decade during the pandemic. Remarkably, phishing attacks rose 220% during the height of the pandemic compared to the yearly average.4

    Cybercriminals used the pandemic to get unsuspecting individuals to provide them access to sensitive information. For example, elderly people received emails that promised them COVID-19 vaccinations if they provided sensitive data to criminals.

    It doesn’t end there. Home devices used by employees to access business networks are not subject to the same security scrutiny as corporate devices. They often lack firewalls, antivirus programs, and other security features installed on corporate devices. As such, they open opportunities for cybercriminals to access networks, and each device is a potential doorway into a company network. Moreover, the blurred lines between personal and professional life increase the risk of sensitive information falling into the wrong hands. 

     

    #2: Increase in Cloud security threats

    The rapid and widespread adoption of hybrid work models has seen the expansion of cloud-based services and infrastructure. Despite the scalability, efficiency, and cost benefits this can provide, it can also subject companies to more varied and sophisticated forms of cyberattack.

    More traditional forms of attack are still very much prevalent on top of this. Insider threats pose a significant cybersecurity threat within the context of the cloud. Insiders are responsible for a whopping 43% of all data breaches, and these breaches tend to be more detrimental to businesses’ long-term prospects.

    A company’s own employees can aid external attackers by stealing data deliberately and sharing it for personal financial gain. This can have disastrous consequences for businesses, including significant downtime on top of both reputational and legal costs that have long-term implications.

    A careless employee can also unwittingly download sensitive data from a corporate cloud service and share it with a third-party, such as a vendor, thereby putting corporate data at risk. Internal threats can emerge due to poor or sloppy security processes. For example, employees with weak passwords or those accessing the company’s network with unsecured devices can unintentionally put companies at risk of a cyberattack.

    Stay on top of the trends to keep your business protected 🛡️ – Configure your bespoke cybersecurity quote today!

    #3: IoT Risks

    The Internet of Things (IoT) is a collective term for the growing number of devices with sensors, processing ability, and other technologies that connect and exchange data with other devices over the internet.

    Cars, smart door locks, medical sensors, smart security systems, and smart appliances can all be connected through the IoT. And as the internet evolves, more devices will join the list, with the number of connected devices (IoT) set to reach 27.1 billion by 2025.5

    IoT devices can be beneficial to businesses in many ways. For instance, a business can use advanced IoT analytics to: 

    • Improve operational and supply chain efficiency 
    • Make data-driven decisions 

    However, this communication between devices opens them to vulnerabilities from external forces, attacks, or software bugs, thereby creating opportunities for cybercriminals.

    For instance, with the advent of IoT devices, artificial intelligence (AI) is predicted to increase the cybercrime rate. AI and IoT are making it easier for cybercriminals to get an access point to networks and systems. Any device that can be connected to the internet can be hacked. And with the rapid advancement of artificial intelligence, IoT devices are facing security problems that are proving difficult to solve.

    Worst of all, it’s harder to install firewalls, antivirus, and other security applications on IoT devices. This makes them even more vulnerable to cyberattacks. If malware attacks an IoT device, it could cripple the device’s functionality, and sensitive data can subsequently be stolen.

     

    #4: Sophisticated social engineering

    Social engineering is the act of manipulating people so they give up confidential information, including bank details and passwords. For example, a social engineering scam may involve someone masquerading as a legitimate employee to get sensitive company information from employees.

    Social engineering may also involve a scammer tricking an employee into thinking they are legitimate customers to get the employee to provide sensitive customer information. These threats are by no means new but have recently evolved and increased in numbers, driven at least in part by the pandemic and the rapid shift to remote work.

    Usually, social engineering involves email or text messages, but there is a range of techniques criminals are now deploying with some success, including:

    • Vishing and smishing
    • Sim jacking
    • SMS phishing 
    • Baiting
    • Tailgating or piggybacking

    Social engineering can be tricky for organisations because it’s difficult to identify before hackers gain access to your systems. Moreover, it can take more than five months to detect a social engineering attack, which is why it’s one of the popular techniques for data theft. In fact, 98%6 of cyber-attacks rely on social engineering, and these types of attacks can victimise even an experienced IT professional.

     

    Cybersecurity vendors can protect your business

    The threat landscape is constantly evolving. With around 300,000 new pieces of malware being created every day, the threats to businesses continue to increase. Cybercriminals are also approaching their targets with a business mindset, combining social engineering with sophisticated technology to obtain sensitive data.

    As such, staying on top of cybersecurity needs to be a priority for all organisations. Working with world-class cybersecurity vendors is the best way to enhance your cybersecurity posture without diverting significant time, money, and resources away from other crucial business operations. Working with external providers can give your organisation access to:

    • Threat detection
    • Updates and malware scanning
    • Staff training on steps to improving cybersecurity

    However, every business has unique demands. That’s why at Nexstor, we’re renowned for working with cybersecurity vendors to devise custom-made solutions, including Arctic Wolf. With over 15 years in the cybersecurity space, we have the expertise and resources to help you prepare and combat modern security threats. Get in touch with us today for more information on how we can help you combat these and other cybersecurity trends.

    Get advanced cyber threat
    detection and response

    Use our instant quote generator to get the best prices on security solutions across on-premise and cloud environments.


    ¹ The Evil Internet Minute 2019

    ² With Ransomware Costs On The Rise, Organizations Must Be More Proactive

    ³ Extortion Payments Hit New Records as Ransomware Crisis Intensifies

    Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies

    ⁵ State of IoT 2021: Number of connected IoT devices growing 9% to 12.3 billion globally, cellular IoT now surpassing 2 billion

    Cyber Security Awareness Month

    Posted in
    Avatar

    Troy Platts

    Troy has spent over 20 years helping organisations solve their data, storage and compute conundrums. He is a regular speaker at vendor events and spends any free time he has keeping abreast of advances in data platform technologies. He also makes a mean curry.

    Subscribe to receive the latest content from Nexstor


      By clicking subscribe you accept our terms and conditions and privacy policy. We always treat you and your data with respect and we won't share it with anyone. You can always unsubscribe at the bottom of every email.