What are 2022’s biggest cyber threats? We asked the experts
With criminals finding increasingly clever ways to target us and companies getting increasingly aggressive with their data collection know how to protect yourself online can be tricky. Here to help we asked some of the biggest names in cyber security about what threats to expect this year and the best way to protect yourself against them.
We’re officially in 2022, which means we can expect even more new technology and new platforms that we all have to get used to.
But it also means that we need to be on the lookout for any new scams or threats that we haven’t seen before, whether that be more data breaches or a new format of phishing email.
We’ve asked three experts in security and technology to understand how you can stay safe this year and what you should be on the lookout for.
What will be 2022’s biggest cyber threats to consumers?
Duncan Brown, VP of enterprise research and lead of the Future of Trust research in Europe told Trusted Reviews that ransomware is less of a threat to the regular consumer, instead, phishing emails and online scams are more prevalent.
“Everyone talks about ransomware, and indeed we do see a lot of ransomware cases. But these are typically aimed at companies, probably because they have more resources to be able to pay a ransom. Ransomware reaches consumers occasionally, but consumers should be more aware of good old fashioned phishing emails, designed to obtain personal data and access to banking applications and so on,” said Brown.
“Missed delivery spoofs, where an attacker pretends to be a delivery driver with an undelivered package, are increasingly common. These scams were particularly popular around Christmas, but they are sent throughout the year, trying to catch consumers unaware.”
David Emm, principal security researcher at Kaspersky, agreed telling Trusted Reviews phishing emails are one of the most common cyber-attacks, adding that, since they can look quite convincing, it’s important users don’t click on any suspicious links from people they don’t know.
“I think if we look over time, I think threats to consumers tend to be consistent, I would split it into two parts. On the one hand, there would be the types of things that they could be subjected to in terms of threats. And then, on the other hand, the ways in which that will get onto their system,” said Emm.
“So if we look at the kinds of threats that consumers are facing, they tend to be opportunistic cybercrime. These are from attackers who are looking to obtain money directly, let’s say by obtaining banking credentials, and getting access to people’s bank accounts, or by installing some kind of monitoring software to capture their passwords… and use that personal data either to sell it onto other criminals or to use it themselves to take over accounts. So in other words, they will create phishing attacks, which masquerade as legitimate communications.”
Emm added that the attacks often include a social engineering element which can make them hard to spot.
“They will pretend to be from some provider or pretend to be from the government, and therefore catch people off guard and get them to either click on a link, which installs computer malware, or click on a link which takes them to a fake page, where they’re then persuaded to type in personal information, which is captured by the criminals. So I think I think that kind of social engineering approach continues to be the one that reaps the most rewards for attackers,” he said
Kaspersky Home Security
Keep your online activity safe and private across multiple devices – without compromising speed.
Check out Kaspersky’s new security plans from just £10.99 per year
- Kaspersky
- Money back gurantee
- from £10.99
What do you expect the most targeted platforms to be next year?
Fennel Aurora, a security advisor at F-secure, told Trusted Reviews cybercriminals are always looking for the most profitable market for scamming people, which is usually where the most people are.
“Cybercriminals are doing cost-benefit analyses on where to use their R&D resources, just like any normal company would. Where is the biggest market? Which market segment has the most people willing to pay? Which market is easiest to enter? The biggest market remains Windows PC for now, and this is where the greatest number of attacks and new malware appears. Android is catching up on both counts,” said Aurora.
“In general, iOS and Mac users are more valuable targets and can be more profitable if the crime company is able to put in the effort to develop more complex malware. However, the easiest markets to enter will depend on different factors – IoT (Internet of Things) malware does not need to be sophisticated as mentioned above, but there is a lot of competition, and your malware can be ejected by someone else’s malware. Windows PCs are everywhere, and especially in professional and work-from-home settings, and there are a lot of off-the-shelf tutorials and code examples for people to start from.”
All three experts agreed that Windows PCs were the number one target since it is the most commonly used machine, meaning that there will always be more people to target in that area.
“Well, I think we will continue to see Windows and Android on the mobile area continue to be the most targeted platforms, I mean, Windows is pretty much ubiquitous. And therefore, it’s, it’s going to be the most targeted platform simply because that’s the way that criminals can get the biggest bang for their buck. If they go for a lesser-used platform, let’s say Linux, then they know there’s only going to be a smaller number of potential targets in the poll,” Emm commented.
Emm added that Android’s popularity makes it the most targeted mobile platform for the same reason, but added issues with security add to its allure for criminals.
“The same is true on the mobile front. Android obviously has a big chunk of our people using it. But in addition, it’s also the easiest mobile platform to target. Not just because it’s popular, but also because it’s the sort of go-to-market strategy for Android is the same as Windows, which is let’s produce something which is very flexible to use. It’s easy for handset manufacturers to customise it. It’s easy for providers, network providers to customise it, it’s easy for individuals to do what they want to do, you know, they can go to Google Play, or they can go to other marketplaces, or they can browse any website that they want to,” said Emm.
“But that flexibility applies also to potential attackers. Whereas if they want to target let’s say, iOS, it’s doable. But they really need to try to find a way to sneak their code into the App Store. And obviously, that can be filtered more easily into the fact that they can kind of go off-road with Android which gives it that kind of target ability. So I think for those reasons, criminals will always target what is popular.”
What can consumers do to keep themselves safe?
F-Secure’s Aurora said, despite developments in the attack’s strategies, there are a number of simple ways users can protect themselves.
“There are few basic things, like locking the doors and not leaving valuables in plain sight, that will generally make your home harder to break into. The same goes for your devices and your accounts,” Aurora advised.
“Keep your devices and applications updated. Yes, it is a pain to keep doing this, but it is necessary to make it harder for attackers to use old easier methods on you. Start using a password manager – this is the only way to have a unique strong password on every account, meaning that even if one account is hacked, the damage is contained to that one account.”
The experts all recommended that users would make sure that their devices are updated and that you should never share your personal information with others, especially over a messaging service.
“The internet is still largely unregulated and so it is possible for criminals and scammers to send cyber attacks to almost any consumer in the world,” Brown went on to say.
“So be vigilant about any unsolicited email that you receive, and conduct just some very basic checks on each one: does it address you by name (good indicator) or by your email address (bad indicator). Similarly, on websites check that the URL looks correct, and the security padlock is present in the address bar,” Brown said.
Kaspersky Home Security
Keep your online activity safe and private across multiple devices – without compromising speed.
Check out Kaspersky’s new security plans from just £10.99 per year
- Kaspersky
- Money back gurantee
- from £10.99
Would you give any specific advice to non-tech savvy consumers?
Brown told Trusted Reviews, non-tech savvy people should always ask for help when in doubt about an incoming message or dodgy looking web pop up.
“The best advice I would give to anyone unsure about the security of their device and applications is: don’t be afraid to ask for help. Even if it is a friendly relative or neighbour, just getting an extra pair of eyes on a concern can help to detect a scam or provide reassurance,” Brown said,
“If you are able to learn what a good or bad URL looks like, then this will help stop phishing scams, and it will help detect rogue websites. But sometimes these scams are hard to detect, even for more experienced individuals, so if you think that you are a victim of cybercrime don’t be embarrassed and contact the relevant authorities.”
Emm mirrored Brown, arguing that anyone who is unsure should always ask for help; if you have a friend or family member that is more familiar with tech and what these scams look like, make sure you ask for their input, which will also help give you peace of mind about how you use the internet.
“It’s easy to listen to people like me and think, oh, my goodness, you know, the online world is so scary, I’m not going to do stuff. And I don’t think people should think that I think it’s like living in a city, you know, you’re going to go out places. But generally speaking, it’s okay to go out. Yes, you could get knocked down on the road, you know, there are hit-and-run drivers. There are muggers and purse-snatchers. But actually, we stay in well-lit places and we don’t carry our valuables where they’re obviously visible. And we use crossings on the road. And that means that by and large, we can stay safe,” said Emm.
Emm added that this advice applies to mobile as well as desktop.
“I would say the same is true that following some basic things, you can really reduce your exposure to attack and the top three would be protecting yourself, so on whether it’s your mobile or whether it’s a desktop or laptop or tablet, install some security software on there,” said Emm.
“The second would be staying updated. So whenever an operating system or an application says there’s an update available, including apps on your phone, install them, because what that does is it kind of patches any potential holes in the system that could be used for criminals to kind of get their fingers in and pry prise it open and get in. And the third would be to backup your data, keep your data backed up regularly.”
Kaspersky Internet Security is now 50% off from just £17.49 per month