8 advanced threats Kaspersky predicts for 2022

Advanced threats constantly evolve. This year saw multiple examples of advanced persistent threats under the spotlight, allowing Kaspersky to predict what threats might lead in the future.

Advanced persistent threats, which focus on cyberespionage goals, are a constant threat to companies, governments and freedom activists, to name a few. This activity keeps growing and evolving as more threat actors increase their skill.

SEE: Google Chrome: Security and UI tips you need to know  (TechRepublic Premium)

Kaspersky released its advanced threat predictions for 2022 and shared interesting thoughts on next year’s landscape. Here are eight advanced threats Kaspersky predicts will happen in the coming year.

1. An influx of new APT actors

The recent legal cases against offensive security companies like NSO brought the use of surveillance software under the spotlight. NSO, an Israeli company providing services including offensive security, is being accused of providing governments with spyware that was ultimately turned on journalists and activists.

Following that action, the U.S. Department of Commerce reported in a press release that it added NSO to its entity list for engaging in activities that are contrary to the national security or foreign policy interests of the United States. The department added three other companies to that list: Candiru (Israel), Positive Technologies (Russia), and Computer Security Initiative Consultancy PTE LTD (Singapore).

The zero-day exploit market keeps growing, while more and more software vendors start selling offensive capabilities. All this business is highly profitable and can only attract more players in the game, at least until governments take actions to regulate its use.

Kaspersky said that “malware vendors and the offensive security industry will aim to support old but also new players in their operations.”

2. Mobile devices targeting

The topic of compromising mobile devices is not new, yet still very sensitive. Kaspersky underlined an important difference between the two main operating systems on mobile phones: Android and iOS. Android allows more easily the installation of third-party applications, which results in a more cybercriminal-oriented malware environment, while iOS is mostly targeted by advanced nation-state sponsored cyberespionage. The Pegasus case revealed by Amnesty International in 2021 brought a new dimension to the iOS zero-click, zero-day attacks.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)  

Malware infection is actually harder to prevent and detect on mobile devices, while the data it contains often is a mixture of personal and professional data never leaving its owner. IT makes it a perfect target for an APT attacker.

Kaspersky concluded, “In 2022, we will see more sophisticated attacks against mobile devices getting exposed and closed, accompanied…

Access the original article

Subscribe
Don't miss the best news ! Subscribe to our free newsletter :