Cybersecurity Trends of 2022
Cybersecurity trends can convey a lot about a year, and 2022 is no different, even if some of the shifts are surprising.
Each November, Securance reviews some of the most pervasive trends of the year. In 2020, we saw a massive influx of cybersecurity challenges presented by remote work during the pandemic. Then 2021 brought a continued need to protect the expanding attack surface and the adoption of zero trust. In 2022, each of these trends continued upward with increasing volume and urgency. Global attacks increased by 28 percent in Q3 of 2022 compared to last year. The average weekly attacks per organization worldwide exceeded 1,130. This article discusses the cybersecurity trends of 2022 and some data points on the rise for the coming year.
The most attacked industry in Q3 2022 was the education sector, with an average of 2,148 attacks per week. This is an increase of 44 percent in one year. Moreover, education is the sector least capable of stopping data encryption in a ransomware attack, according to the State of Ransomware in Education 2022 report. Higher education reported the highest data encryption rate of all industries at 74 percent, followed by K-12 at 72 percent.
The healthcare sector was the most targeted industry for ransomware in 2022, with one in 42 organizations impacted by ransomware. Even though the industry's average ransom payment was the lowest of all sectors, it still came to $197,000. This figure does not include the potential fines for HIPAA violations.
Small and Medium-sized Businesses
Small and medium-sized businesses (SMBs) are at continued risk of cyber assault, with fewer resources and technical experts on staff. Small companies are also statistically likely to have immature security measures in place; only 72 percent had implemented cybersecurity measures as of late last year. A reported 42 percent of small businesses had endured a cyber attack of some type by late 2021.
Attack Type Trends
By the beginning of 2022, the number of phishing attacks had tripled compared to 2020. Phishing remains the most common attack performed by cybercriminals in 2022, with over twice as many phishing incidents as any other cybercrime. This year, Google’s Safe Browsing transparency report documents 75 times as many phishing sites as general malware sites.
Yet cybercriminals are evolving phishing attacks in new ways in 2022. There was a 50 percent increase in attacks on mobile devices. Cybercriminals are also increasingly launching these attacks from trusted services: after an 80 percent increase, nearly one-third (32%) of all threats are now hosted on trusted services like Microsoft, Amazon Web Services, or Google.
A Sophos study found that 66 percent of organizations were hit by ransomware in 2022, up from 37 percent in 2020. Of those attacked, 46 percent paid the ransom to restore their data. On average they got back only 61 percent of their data. The State of Ransomware 2022 report found a three-fold increase in victims paying ransoms over $1 million, up from 4 percent in 2020 to 11 percent in 2021. The average ransom payment was $812,360.
On average, distributed denial of service (DDoS) interruptions cost US companies around $218,000 and lasted up to 549 hours by early 2022, regardless of whether the companies paid the ransom. Cybercrime Magazine predicted that global ransomware damage costs will grow to $256 billion annually by 2031 at the current rate.
The growing momentum of ransomware attacks reflects the expansion of the Ransomware-as-a-Service (RaaS) model. RaaS dramatically extends the spread of ransomware by decreasing the skills required to deploy an attack. According to the IBM Security Data Breach Report 2022, RaaS accounts for 11 percent of all cybersecurity attacks. The same analysis found that it costs companies an average of $4.62 million per breach.
Attack Surface Trends
Internet of Things (IoT)
According to IoT Analytics’ Spring 2022 report, the IoT has 12.2 billion active endpoints. If its evolution continues at the same rate, the IoT will grow to 30.9 billion units by 2025. In 2022, the ever-expanding enterprise attack surface became even more remote, regularly accessed from offices, data centers, service providers, and corporate networks, by remote workers, and more. Still, most IoT devices have no built-in security, weak default passwords, and outdated operating systems.
In September 2022, the FBI released a statement warning that cybercriminals are increasingly targeting IoT devices to exploit vulnerabilities associated with outdated software and poor security. This statement highlighted that 53 percent of IoT medical devices (insulin pumps, defibrillators, pacemakers, and more) had known critical vulnerabilities.
That same month, the Cybersecurity for the Internet of Things (IoT) program at the National Institute of Standards and Technology (NIST) released the final Profile of the IoT Core Baseline for Consumer Products after soliciting public comment in June of 2022. The publication identifies cybersecurity capabilities expected for IoT products, provides formal guidance to manufacturers, and incorporates work mandated by a 2021 executive order on cybersecurity labeling.
Remote work continues to grow and shows no signs of slowing down. Notably, projections from Ladders claim that 25 percent of all professional jobs in the US will be remote by the end of the year, and this number will continue to increase through 2023. Verizon’s 2022 Data Breach Investigations Report noted that 50 percent of breaches are due to insecure remote access to web applications, often involving old passwords, stolen credentials, malware, and open back doors.
As we near the end of 2022 and look toward the future, the most significant trend to note is that the sophistication of attacks available to cybercriminals increases each year, while the skills needed to pull off an attack plummet. Costs have also increased at an extraordinary rate, and just one breach could cost your company millions of dollars in downtime, lost data, fines, and regulatory action. Thus, a proactive approach is the best way to protect your business and plan for cybersecurity in 2023 and beyond. Securance can help you understand the threats on the horizon and plan to evolve ahead of cybercriminals. Contact us today to set up a free consultation.