Experian Forecast Shows ‘Cyberdemic’ Will Continue Through 2022

A new Experian forecast shows continued remote working and supply chain disruptions will prove advantageous to cybercriminals in 2022.

The ninth annual Experian Data Breach Industry Forecast includes five predictions for 2022. It underscore the ongoing impact of the pandemic on cybersecurity.

Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem. They’ll also set their sights on new targets such as online gambling.

Experian’s Michael Bruemmer

Michael Bruemmer is global vice president of data breach resolution at Experian.

“What we think will be most surprising for businesses and consumers, are the watch-outs related to the global supply chain and online gambling,” he said. “Between natural disasters and the pandemic, the perfect storm has been brewing to disrupt the global supply chain in major ways. And this creates vulnerabilities. Hackers may prey on these systems even more to create chaos or penetrate to make a ransomware attack. Consumers may feel the brunt from increasing scams such as offers to get items faster or major deals for goods that will tempt them to click on bogus links.

Additionally, increased digitization is creating new attack surfaces, Bruemmer said.

“We talked about the cannabis industry as an emerging sector last year, and this year we predict it will be online gambling,” he said. “So both providers of these platforms and users need to be aware there could be possible hacks and take steps to protect themselves.”

Experian Forecast Warnings

This year is on pace to be a record-breaking year for data breaches. To help organizations stay a step ahead, the Experian forecast warns of the following:

• Remote or hybrid work and the IT infrastructure required to support these constantly shifting patterns, both in the corporate office and in the home, mean vulnerabilities that emerged last year will only become more acute in the one to come. Booster vaccine distribution and fraudulent digital proof of vaccination will also keep public health authorities busy as COVID-19 continues to plague society.
• Natural disasters will drive more donations to aid organizations. Therefore, both donors and people in distress will see an increase in phishing attempts masked as charitable giving. Broken and unreliable global supply chains will make sourcing of important emergency goods difficult. That’s another vulnerability hackers will look to exploit.
• As more states legalize online sports betting, phishing scams will target the growing ranks of online gamblers, particularly new entrants. Relatedly, scammers will also target fantasy sports sites, whether through phishing attempts or outright hacks.
• Cryptocurrency arguably entered the mainstream last year, and non-fungible tokens (NFTs) are not far behind. As people increasingly accept these as legitimate transactions and legitimate asset classes, both will become targets for attack. These ostensibly safe, immutable assets are in fact vulnerable.
• Cyberattacks have generally sought either disruption or extortion. However, soon both state and non-state actors will more frequently target physical infrastructure like electrical grids, dams or transportation networks. Hackers may target funds disbursed by Congress that are intended to rebuild U.S. infrastructure.

What Businesses and Consumers Need To Do

Remote working is here to stay, Bruemmer said. Therefore, businesses should be adapting to this situation as business as usual instead of making fixes as temporary measures waiting for employees to return to the office. Organizations need to ensure remote employees are just as protected as those in the office.

“Consumers will need to stay alert of phishing scams, and keep their digital wallets locked up and secure, especially as bitcoin continues to soar in value,” he said. “As people increasingly use cryptocurrency and NFTs for transactions or as investments, hackers will target digital wallets or create fraudulent digital assets to fool prospective buyers. They should always be vigilant whether just online shopping or using cryptocurrency, and not click on links from unknown parties. Do not answer calls from unknown phone numbers. Be careful of phishing emails. And protect [your] personal information from too much exposure such as phone number, Social Security number, address, etc.”

Consumers and organizations alike will need to ensure vendors can be verified and in particular, government contractors will need to ensure that security and software providers are up to date and can accurately assess the constantly shifting threat landscape, Bruemmer said.

There have been more than 1,200 data breaches recorded to date, according to…