IT Brief New Zealand logo
Technology news for New Zealand's largest enterprises
Story image

Advanced scams, data breaches, crypto and NFT attacks to shape cyberthreat landscape in 2022

By Shannon Williams
Fri 14 Jan 2022

Two years into the pandemic, the world is gearing up for a year of recovery in 2022. Companies and individuals of all ages are ready to revert back to regain the sense of normalcy, with back-to-office, back-to-school, and back-to-travel policies currently being put in place.

That's according to cyber security firm Kaspersky, who has revealed  the four top trends to look out for this year. 

As witnessed this year, cybercriminals can target a variety of industries, from airlines, hospitals, government websites, banks, telecom companies, universities, eCommerce, and even social media giants through different sophisticated means.

Decrease of Targeted Ransomware Attacks
The times of pandemic coincided with the rise of targeted ransomware attacks worldwide focusing on the most valuable targets as well as interruption-sensitive businesses.

Some companies from SEA were among the victims of such attacks. However, with strong international cooperation and multiple task forces to trace ransomware gangs, Kaspersky experts believe that the number of such attacks will decrease during 2022.

"The initial call was made by the US government, involving the FBI, and even offensive capabilities of the US Cyber Command. We anticipate that the attacks may resurface later, focusing on hitting developing countries with poor cyber-investigative capabilities or countries that are not allies of the US," says Vitaly Kamluk, director of global research & analysis ream (GReAT) for Asia Pacific at Kaspersky.

"Given the geopolitical stance of some countries in Southeast Asia, it's likely that there will be less or even no such attacks in certain countries from the region in 2022," he says.

"Yet, broadly available hosting services offered by countries like Singapore and Malaysia, data center services and infrastructure can still be abused by the targeted ransomware gangs."

Advanced Scam and Social Engineering
One of the distinctive features of citizens of developed countries is an elevated feeling of safety. Higher expenditure on technology, including cybersecurity, generates a long term feeling of safety online as well.

As a result, the general population is less exposed to traditional cyberthreats - it's just harder to find unprotected infrastructure or infect users. This is why the attackers focus on non-technology focused attacks, exploiting human vulnerabilities, involving all sorts of scam via SMS, automated phone calls, popular messengers, social networks, etc.

The number of scam reports keeps increasing year over year according to Singapore Police Force: +16% (2021), +108.8%(2020), +27.1% (2019), +19.5% (2018).

It is relevant to other countries in the region. In Thailand, nearly 40,000 people were scammed with their bank accounts and credit cards showing inexplicable transactions. Scammers also used fake bank websites to steal banking details of Malaysians last year. Impersonations against top eCommerce platforms in Vietnam were also used to trick users to send money.

This trend is fuelled by automation of some services, such as automatic dialling and automatic initial message delivery with expected follow-up action that triggers manual human-driven scam operation.

"We believe this trend will develop further in the future, including production of victim-tailored documents, images, deep fake videos, voice synthesis," says Kamluk.

"It's possible that there will be a shift back from computer-assisted crime schemes (scams) to pure cybercrime based on complete compromise of digital assets (user accounts, smartphones, personal computers). It is likely we will see the first attempts of such technically-advanced scams in 2022.".

More Data Breaches by Unidentified Attackers
With the decrease of targeted ransomware attacks openly exposing stolen data and taking the responsibility for a breach, we will see the rise of stolen data being offered on the black markets.

"In recent years, we observed that in many cases of data breaches the victims were neither able to identify the attackers, nor find out how they got compromised," says Kamluk.

"Although there has always been a challenge to identify the attacker and the source of the breach, the percentage of such cases has increased significantly in the past 2 years reaching over 75% according to our research," he says.

Experts from Kaspersky believe it is not only a symptom of serious challenges that cyber defenders face, but also a motivational factor and a signal for other passive cybercriminals to rush into the field of data theft and illegal trading.

"As a result, we shall observe more stolen databases, internal communications, and personal details stolen from various companies and traded on the black market," Kamluk says.

Cryptocurrency and NFT Industry Attacks
By observing the cutting edge attackers with large human resources, such as Lazarus group and its sub-group, BlueNoroff, Kaspersky researchers concluded that we shall expect an even more significant wave of attacks on cryptocurrency businesses.

Even the growing industry of NFT (non-fungible token) will be targeted by cybercriminals. This is due to the fact that countries in SEA are leading in terms of NFT ownership, with the Philippines topping the list at 32% saying they own such digital assets.

Among the 20 countries surveyed, Thailand (26.2%) ranked second followed closely by Malaysia (23.9%). Vietnam landed on the 5th spot (17.4%) and Singapore was 14th (6.8%).

"From direct attacks on employees of cryptocurrency startups and exchanges through sophisticated social engineering, software exploits, and even fake suppliers to mass attacks via supply-chain software or its components (i.e. third-party code libraries) - we will see an increase of such cases," says Kamluk.

"Additionally, we should see more incidents of NFT property theft in the coming years. Being a totally new area, this will cause a deficit in skilled police investigators that will result in an initial surge of such attacks," he adds.

In addition, experts from the global cybersecurity company expects that these attacks will not only have an effect on the global cryptocurrency markets but also the share price of individual companies, which will also be monetised by the attackers via stock market illegal insights trading.

Related stories
Top stories
Story image
Managed service provider
Barracuda MSP Day 2022 highlights MSP opportunities
Barracuda Networks has released a report showing global services-related MSP revenue is set to increase by more than a third in 2022 compared to 2021.
Story image
Kubernetes
Sysdig unveils new Kubernetes troubleshooting and cloud innovations
Sysdig has introduced two new innovations that look to help bolster cloud services and simplify Kubernetes troubleshooting.
Story image
Sustainability
Aligned Data Centers increases sustainability-linked loan
Aligned Data Centers has increased its sustainability-linked loan from $375 million to $1.75 billion to speed up the next phase of its strategic growth.
Story image
GapMaps
GapMaps Live to improve brand decisions on physical locations
GapMaps has released its latest service GapMaps Live, giving more insights and features to help brands make better decisions about physical locations.
Story image
SaaS
Rubrik Security Cloud marks 'next frontier' in cybersecurity
"The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data."
Story image
Ransomware
Alarming surge in Conti Ransomware Group activity - report
A new report has identified a 7.6 per cent increase in the number of vulnerabilities tied to ransomware in Q1 2022.
Story image
Malware
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
“Threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and attacks still persists."
Story image
Ransomware
APAC organisations fail to disclose ransomware breaches
85% of organisations in APAC were breached by ransomware at least once in the past five years, but only 28% publicly disclosed the incident.
Story image
Artificial Intelligence
Frost & Sullivan recognises Genesys as leader in new reports
Frost & Sullivan has recognised Genesys as a leader in the cloud contact centre market for its robust cloud and digital capabilities.
Story image
Amazon Web Services / AWS
RedShield leverages AWS to scale cybersecurity services
"Working with AWS gives RedShield the ability to mitigate significant application layer DDoS attacks, helping leaders adopt best practices and security architectures."
Story image
Silver Peak
The path to an adaptive, modern network
Managing and securing the network looks different than it did just two years ago—especially given that most of these networks are made up of multi-generations of infrastructure stitched together over time.
Story image
Cyber attacks
Devastating cyber attacks expected to hit energy sector
Energy executives anticipate life, property, and environment-compromising cyber attacks on the sector within the next two years.
Story image
Manhattan Associates
Shortening the click-to-customer cycle through smart technologies
Speed of delivery without accuracy is a dealbreaker for consumers. How can retailers operating in an omnichannel environment overcome the challenge of click-to-customer cycle times.
Story image
Digital Marketing
Similarweb acquires SEO and rank tracking company Rank Ranger
Digital intelligence company Similarweb, which specialises in analysing web traffic, has acquired Rank Ranger, a market leader in SEO and rank tracking.
Story image
Surveillance
i-PRO releases smallest AI-based surveillance camera on the market
The new i-PRO mini network camera is now available, with a pocket-sized form factor and full AI analytics functionality.
Story image
Cybersecurity
Cybersecurity prompts upgrade for 1.3 billion electricity meters
ABI Research finds Advanced Metering Infrastructure (AMI) and cybersecurity concerns are prompting the upgrade of 1.3 billion electricity meters by 2027.
Exabeam
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Qualys
Qualys updates Cloud Platform solution with rapid remediation
The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Story image
Digital Signage
MAXHUB's Digital Signage range to bolster boardroom productivity
The new MAXHUB Digital Signage technology is purpose-built to make every kind of team meeting more effective.
Story image
Women in Technology
Huawei webinar emphasises the importance of women in tech
Industry findings by Coursera discussed as part of a webinar jointly organised by Huawei and Reuters Events found 6% more women enrolled in tech courses this year than in 2021.
Story image
Training
Trojan cyber attacks hitting SMBs harder than ever - Kaspersky
In 2022 the number of Trojan-PSW detections increased by almost a quarter compared to the same period in 2021 to reach 4,003,323.
Story image
Innovation
Fastly acquires Glitch, enables faster developer innovation
"This acquisition brings together two of the worlds best ecosystems for application development into a single, seamless developer experience."
Story image
Cybersecurity
A10 Networks finds over 15 million DDoS weapons in 2021
A10 Networks notes that in the 2H 2021 reporting period, its security research team tracked more than 15.4 million Distributed Denial-of-Service (DDoS) weapons.
Story image
Apricorn
Data backup plans inadequate, data still at risk - study
The Apricorn 2022 Global IT Security Survey revealed that while the majority organisations have data backup plans in place, data for many are at risk.
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
New Relic
New Relic launches vulnerability management platform
New Relic has introduced New Relic Vulnerability Management to help organisations find and address security risks faster and with greater precision.
Story image
Cybersecurity
Comcast to use ThreatQuotient for cybersecurity operations
Comcast, the parent company of NBC Universal and SKY Group, has chosen ThreatQ Platform and ThreatQ Investigations to meet their cybersecurity needs.
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Multi Cloud
Red Hat updates dev tools, empowers use of hybrid and multicloud
Red Hat has unveiled updates across its portfolio of developer tools, designed to help organisations build and deliver applications faster.
Story image
Sustainability
Equinix announces milestones on sustainability commitments
Equinix has released its 2021 Sustainability Report which outlines progress, innovation and accomplishments on key ESG commitments.
Story image
ChildFund
ChildFund launches new campaign to protect children online
ChildFund says WEB Safe & Wise aims to protect children from sexual exploitation and abuse online while also empowering them to become digitally savvy. 
Story image
Employment
Tech job moves - Forcepoint, Malwarebytes, SolarWinds & VMware
We round up all job appointments from May 13-20, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Digital Transformation
Pluralsight and Ingram Micro Cloud team up on cloud initiative
Pluralsight has teamed with Ingram Micro Cloud to build upon cloud competence and maturity internally, and externally support partners’ capabilities.
Story image
Alteryx
Alteryx releases updates, empowers data insights for enterprise
Alteryx has released new advancements designed to aid enterprises with cloud analytics, democratise insights and ensure data governance.
Booster
Booster Innovation Fund. A fund of Kiwi ingenuity – for Kiwi investors.
Link image
Story image
Infrastructure
Nutanix study reveals financial services sector lagging with multicloud adoption
Nutanix has released new research that reveals the financial services sector is lagging behind when it comes to multicloud adoption.
Story image
Digital Transformation
The Huawei APAC conference kicks off with digital transformation
More than 1500 people from across APAC have gathered for the Huawei APAC Digital Innovation Congress to explore the future of digital innovation.
Story image
Cloud Security
Aqua Security createa unified scanner for cloud native security
“By integrating more cloud native scanning targets into Trivy, such as Kubernetes, we are simplifying cloud native security."
Darktrace
Threat actors are exploiting weaknesses in interconnected IT/OT ecosystems. Darktrace illuminates your entire business and takes targeted action to stop emerging attacks.
Link image
Story image
SaaS
Maintaining secure systems with expectations of flexible work
Most office workers feel they've proved they can work successfully from home, and as much as employers try, things aren't going back to the way they were anytime soon.
Story image
Customer experience
Gartner recognises Okta for abilities in Access Management
Okta has announced it has been recognised as a Customers' Choice for the fourth time in a row in the Gartner Peer Insights "Voice of the Customer" report.
Story image
Vodafone
Vodafone NZ buys remaining stake in retail joint venture
Vodafone New Zealand has purchased the remaining 50% stake in the specialist joint venture (JV) with private equity company Millennium Corp.
Story image
Supply chain
Jetstack promotes better security with supply chain toolkit
The web-based resource is designed to help organisations evaluate and plan the crucial steps they need to establish effective software supply chain security.
Story image
Data Protection
Barracuda launches new capabilities for API Protection
"Every business needs this type of critical protection against API vulnerabilities and automated bot attacks," Barracuda says.