Hyland 160x1200

Hyland 160x1200

Hyland 705x108

Sunday, 05 December 2021 16:50

KnowBe4’s team of cybersecurity experts release predictions for 2022

By KnowBe4

GUEST RESEARCH: KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, hasannounced its 2022 cybersecurity predictions from its team of industry experts.  

The predicted cybersecurity trends for 2022 include:  

  • Nuclear Ransomware 3.0 - A trend that is currently building for the future on the side of the bad actor is that ransomware gangs are morphing into "everything gangs". Instead of just doing ransomware and data exfiltration, they are doing cryptomining, botnet creation, DDoS attacks, etc. The attack gangs of the future will look at every new victim as a pot of gold and try to figure out what to do and in which order to maximiss financial value extraction.  
  • New Malware Family: Not the Kind You Would Welcome Into Your Home - A new dangerous and persistent metamorphic malware family called “Tardigrade” is a new strain of Windows malware. It can constantly adapt to avoid detection and was first found targeting the biotech industry, including the infrastructure behind vaccine manufacturing, according to security researchers. This “metamorphic” ability prevents the malware from leaving a consistent signature behind, making it very hard for antivirus programs to spot. It contains the sneaky ability to spread both via phishing emails and USB devices.
  • Virtually Pwned - Meta, the brand formerly known as Facebook, will entice masses to join the Metaverse. This will spawn a rush to establish dominance in the virtual world. As a result, hackers will also be drawn into this world, and we will see virtual attacks against both individuals and organisations. We will see an explosion of bad things happen to people and resources in the virtual world…virtual looting, virtual theft, account takeovers and more creative criminal exploits. 
  • Disinformation Powered by Deep Fakes Will Cause a Political/Financial Circus - We will see a coordinated disinformation campaign that will rely heavily on deep fakes and manipulated footage to cause a political/financial circus. A deep fake could be used to manipulate a certain political party’s views by stating false opinions, promises or beliefs of a particular candidate. This could cause a chain reaction of certain organizations pulling funds from a political campaign based on statements made by the deep fake.
  • An Attack Against Cryptocurrency Will Hit Real World Economies - A major cryptocurrency will be attacked, causing billions of dollars in lost value either through direct theft or in value loss. Many individuals and organisations will be severely impacted and it will be referred to as the Black Crypto Day.
  • A Major EU Power Station/Utility Provider Will Be Crippled in a Novel Way Other Than Ransomware - Most likely somewhere in Eastern Europe, we will see some bad actors cut off your power, your gas and your water. Then as you watch in horror as your phone, tablets and laptop batteries die, they will hand out an olive branch that many will be ready to accept, but at what cost?  
  • Someone Will Hack Back the Wrong Bad Actor and Trigger an International Incident - An overly-eager security researcher will think they have identified the culprit behind a major attack. In an act of retaliation, they will hack back only to discover they did not attribute the attack correctly. This will cause a major international incident and the organisation responsible will be placed under extreme scrutiny.
  • The Rise of Dark Economy M&A - A lot of criminal gangs have become extremely wealthy. In fact, some shady organisations are large enough to be listed on a stock exchange. So, we will see a more formalised dark economy emerge with some M&A activity taking place as some gangs will look to cash-in by selling their organisation while others look to grow in capability and reach.   
  • When AI Goes Wrong In 2022 - We’ll see the first wave of intelligent attack bots. The future is good threat hunting bots versus bad bots and the best algorithm wins. 

“In many ways, it seems as if things are getting worse for cybersecurity professionals who are trying their best to protect their organisations,” said Stu Sjouwerman CEO, KnowBe4.

“But I think we are starting to see more of a focus on the human element, including human behaviour, of cybersecurity protection measures. This is a positive shift in direction because people can implement all of the technical tools and controls in the world, but if they do not focus their efforts on the human layer of security, they are going to run into challenges. At the end of the day, a strong security culture is what truly matters and what we will see organisations focused on as we move into 2022.”  

The predicted trends were collected from KnowBe4’s global team of security awareness advocates who are experts with decades of experience in the cybersecurity field.

Jacqueline Jayne, Security Awareness Advocate, Asia Pacific, KnowBe4 predicts the following additional trends specific to culture, skills shortage and more in the APAC region:

Culture –2021 did indeed see a positive movement towards cybersecurity as an ‘everyone responsibility’ rather than it only sitting within IT. The increase of cyberattacks in 2021 provided compelling evidence that human error does indeed require attention. Many of the related conferences in the APAC region had a greater focus on the ‘human element’ of cybersecurity than in 2020. I anticipate seeing the growth in this area moving in a positive direction in 2022. One aspect of previous predictions included the commencement of company-wide KPIs related to cybersecurity expectations related to training, behaviour and reporting. Maybe 2022 will be the year!

Skills shortage – I remain hopeful that there will be a continuation of my 2021 predictions with the acceptance of ‘cyber life skills’ rather than just a STEM focus. As the general public begin to understand the 4th Industrial Revolution there will be greater opportunities for non-technical people to move into the field of cybersecurity.

General – BEC continues to grow with no signs of slowing which indicates there is a lack of awareness in most organisations globally. In 2020 and 2021 I spoke of the need for more collaboration across all business units. Alas, the silo mentality (where cybersecurity is ITs job) remains. I would very much like to be proven wrong, however I don’t see this moving in a positive direction in 2022. Until everyone accepts that cybersecurity is everyone’s responsibility, we will see the same results of the previous years with cyberattacks increasing in quality and quantity.

For more information on KnowBe4’s team of experts, visit https://www.knowbe4.com/security-awareness-training-advocates.

About KnowBe4

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 44,000 organizations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Read 3093 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News