5 Ransomware Predictions for 2022 by Index Engines

Attacks in 2021 were massively successful and profitable, predicting an ugly trend: ransomware is going to get worse before it gets better.

HOLMDEL, N.J. — In 2021 ransomware was truly brought into the average family’s home. Their weekend BBQ and gas station fill ups were affected by ransomware. Their nightly news brought talks of Russian hackers and numerous FBI alerts warning of advancing cyberattacks.

Well get ready, because a new year on the calendar is not going to end the disruptions to business operations. The 2021 attacks have been massively successful and profitable, predicting an ugly trend: Ransomware is going to get worse before it gets better, according to the cyber experts at Index Engines, a provider of unstructured data management software for network data, backup tape and governance.

Based on conversations with hundreds of organizations around the world, and studying millions of client cybersecurity analytics through Index Engines’ CyberSense data integrity software, here are five predictions on the path of ransomware in 2022.

Cyber criminals will get smarter

Cyber criminals slipped malicious code into a routine software update in the SolarWinds attack, but that was 2020. Cyber criminals will continue to find new, innovative ways to penetrate the data center and circumvent end-point solutions.

Their goal: do as much damage as possible and make it hard and expensive to recover. In October, ZD Net reported a new strain of malware that can encrypt a corporate system in less than three hours. It capitalizes on the new remote workspaces, breaking in through TeamViewer and deploying within 10 minutes.

Volume of attacks continue to increase

JBS Meats, Colonial Pipeline, Air India and CWT Global made massive headlines and drew record-breaking ransoms. Why would cyber criminals stop now? It’s a lucrative business and attracting more hackers into its criminal enterprise. And now, no hacking skills required. Angry employees, disgruntled patients and anyone with a grudge can command a cyberattack using Ransomware-as-a-Service such as Conti, which already has over 400 attacks linked to it, according to the FBI. It’s truly going to get worse before it gets better.

Attack vectors will get more sophisticated

Cyber criminals are deploying more sophisticated attack vectors and corrupting data in new ways. Lockfile ransomware was brought to light this past July, doing something unique in the field of ransomware, “intermittent encryption.” This method evades detection of many standard detection tools that do not check the integrity inside file content.

Other attack vectors also cause significant destruction while avoiding detection. Jigsaw uses encryption combined with a progressive deletion and CrypMIC corrupts files without changing the extension.  Index Engines expects more attack vectors that corrupt data in sophisticated ways in order to circumvent basic analytics tools.

Backups will be targeted

Again, cyber criminals are trying to do as much damage as possible to make organizations as desperate as possible and demand as much money as possible. Disabling, erasing and encrypting backups will hinder any attempts by organizations to recover. Standard data protection leaves organizations’ backups vulnerable and cyber criminals know it. Among those is Conti, who anyone with funds can elicit, and can execute 160 commands including net stop “Veeam Backup Catalog Data Service” /y which, as it sounds, stops Veeam backups. (Read more here.)

The FBI already warned “Malicious actors have also added tactics, such as encrypting or deleting system backups — making restoration and recovery more difficult or infeasible for impacted organizations.” In 2022, relying on backups that have not been analyzed to recover from a ransomware attack is no longer a viable strategy.

Organizational down time will increase

Average down time is now 23 days, up by two days in 2021. This will continue to increase causing considerable disruption to businesses and infrastructure. Forget the ransom, that’s only the beginning. Days and weeks of employee work are gone, orders can’t be processed, labor is delayed, cattle can’t be fed… and if an organization is trading publicly. the damage to their reputation is irreparable.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters