Cyber threats are constantly changing and evolving. In its yearly threat report, Sophos highlights five interrelated threat trends: the future of ransomware, malware begets malware, security and AI in 2022 and beyond, unstoppable mobile malware, and infrastructure under attack.
The future of ransomware:
- Ransomware is one of the potentially most damaging and costly types of malware. 2022 sees no evidence of malware slowing down, the majority of incidents the Sophos incident response team investigates is ransomware (79% of all cases)
- Threat actors increasingly look for company secrets before launching the ransomware encryption, adding a second layer of threat: to release sensitive internal documents, customer information source code, patient records
Malware begets malware:
- Evidence suggests that threat actors are increasingly using malware families, modifying them only slightly to suit their needs. This, for example, allows ransomware gangs to scale up operations easily
Security and AI in 2022 and beyond:
- Over the last year, the security community came to recognize that machine learning is an indispensable factor for detection capabilities. AI for security vendors will become less a competitive advantage
- At the same time, AI is also becoming more accessible to threat actors, and can help adversaries spread disinformation or spoof social media profiles. Adoption of AI technologies by adversaries is not widespread, but is expected to be in the upcoming years
Unstoppable mobile malware:
- Years ago, Windows computers were the main targets for adversaries. That is no longer the case. Malware also targets Android, and to a lesser extent iOS for mobile devices.
- The most prevalent mobile malware belongs to the family of “droppers” – a malicious programme designed to deliver other malware to a victim’s phone.
- Although most malware targets Android devices, iOS is not invincible. Hackers have found creative ways to install fraudulent apps on iPhones
Infrastructure under attack:
- Criminals have started to focus on the infrastructure that underpins society and business
- They do that by increasingly targeting Linux and IoT devices
Why does this matter for businesses?
- Threat is constantly changing. Companies need to anticipate those changes in order to adequately respond to them
- The trends Sophos identifies in their report are indicative of a larger set of trends the domain of cybersecurity is undergoing
