In its latest annual Data Breach Industry Forecast released Monday, credit bureau and information services company Experian said that it has identified five areas it believes cybercriminals will find opportunities to exploit in 2022.
The findings were made based on the observation that as people throughout the world become more digitally connected online than ever before, thanks in part to the global pandemic, so too is the potential for institutions, infrastructures, and personal lives to be more exposed to cybercriminals. "Big institutions remain vulnerable, despite spending millions on security, and cybercriminals have plenty of opportunities to exploit weak technologies," the report said.
Experian identified five top data breach trends to expect in 2022:
1. Digital assets
Digital assets, such as cryptocurrencies and non-fungible tokens, or NFTs, will become greater targets of attack as society accepts them as legitimate parts of the financial and technological landscape.
This prediction couldn't have come at a better time as crypto-currency exchange BitMart reported over the weekend that hackers sole about $150 million worth of tokens from its so-called "hot wallets." Blockchain security and data analytics company PeckShield, which first noticed the breach, estimated that BitMart's loss was closer to $200 million: $100 million on Ethereum and $96 million on Binance Smart Chain.
2. Natural disasters
Natural disasters will prompt people to donate more to aid organizations online, resulting in both donors and people in distress becoming more prone to phishing attempts from groups disguised as charitable organizations. To complicate things further, Experian said unreliable global supply chains will make the sourcing of emergency goods more difficult, which will provide another opportunity for online thieve to take advantage.
3. Remote workers
Remote workers will be targets of data thieves who are looking to hack into businesses and institutions. The report said that because home wireless networks are more vulnerable than many business VPNs, companies will need to focus more on security compliance from their employees. "Employees will need training on matters like how to spot a phishing attempt, or how to respond to a ransomware attack," according to the report.
4. Physical infrastructure landmarks
Physical infrastructure landmarks, such as electrical grids, dams, and transportation networks, will be greater targets by hackers, both foreign and domestic, who will attempt to steal some of the trillions of dollars Congress approved under the Biden infrastructure bill. Experian said that these bad actors will attempt to steal during the process of fund disbursement using a variety of scams from phishing to CEO fraud. "The sums are so large, and their distribution involves so many institutions and processes – from Treasury vendors to banks, to individual contractors – that hackers will be probing for weaknesses in the money supply chain," the report said.
5. Online gambling scams
As online sports betting becomes legalized in more states, phishing scams will target online gamblers, especially those who are new to online betting. And as online gambling becomes more legal, online scammers will be harder to detect. Experian predicts that common forms of thievery will include gambling using stolen credit card info, hijacking an account either through hacking or correctly guessing a password, or impersonating a legitimate online casino. Experian also noted that as cryptocurrency becomes more popular in online gambling, and more sites incorporate it for ease of use, hackers will attempt to break into digital wallets.
Data breaches remain a strong threat. In a recent report by the Identity Theft Resource Center, there have been 1,291 data breaches in 2021, as of September 30, 17% more than the 1,108 breaches reported during all of 2020.
"Cybercriminals have honed in on pandemic disruptions this past year so security professionals need to shore up security protocols and have data breach response plans in place – especially for ransomware – should a breach occur," said Michael Bruemmer, global vice president of Experian Data Breach Resolution who published the report. "Businesses must increase their focus and move past simply catching up to the 'new normal in how they operate," he added.