How AI-powered fraud and aggressive ransomware could dominate 2022
To predict the future, sometimes we must take a careful look at the past. Cyber crime rarely works in 12-month cycles—it’s more fluid than that. So we can often spot the first signs of impending trends some time in advance. In this regard, 2021 has been instructive. We’ve seen more advanced and targeted ransomware actors looking to use zero-day exploits to compromise their victims. We’ve also seen an increase in dark web chatter about the use of deepfake technology and other AI-powered fraud techniques to support business email compromise (BEC) and similar scams.
Both could become a regular feature of 2022. But forewarned is forearmed, especially when it comes to cyber security.
Ransomware ramps up
Ransomware was the stand-out story of 2021. But amongst the headlines, one of the most interesting trends we’ve noticed is the increasingly aggressive way some groups are going after targets. We all know about phishing vectors, collaboration with Emotet and TrickBot groups, and exploitation of RDP and VPN infrastructure. But what about supply chain attacks using multiple zero-days?
That’s exactly what happened in a sophisticated campaign linked to the Clop group or its affiliates. It involved the compromise of the legacy FTA file transfer service from Accellion, which impacted dozens of downstream customers, from global law firms to aircraft manufacturers. This was a highly targeted, well-planned operation from start to finish, and it didn’t use ransomware at all, relying solely on data exfiltration for extortion.
Of course, researching and exploiting four zero-day vulnerabilities doesn’t come cheap. But some ransomware actors now have hundreds of millions in stolen funds to their name, and the market for such exploits is growing. Expect more of the same in 2022.