ZeroFox Releases 2022 Forecast Report Anticipating Increases in Ransomware, Third-Party Compromises and Malware-as-a-Service

ZeroFox Releases Brand Protection Trends Report, Finds 164% Increase in Cyber Threats Targeting Brands Quarter-Over-Quarter

New report details expected threat activity trends and recommendations for security teams to address external threats

ZeroFox, a leading external cybersecurity provider, today published the “2022 Threat Intelligence Forecast,” detailing expected cybercriminal behavior trends including ransomware, malware-as-a-service, vulnerabilities and exploits. Within the report, the ZeroFox Intelligence team reviews 12 months of threat actor activity from 2021 and provides go-forward recommendations for security teams as we continue into 2022. Key takeaways include an assessment of increasing ransomware threats targeting the financial, manufacturing, retail and healthcare sectors, a predicted surge in data kidnapping attacks, and a continued upward trajectory of third-party compromises targeting vendors within larger supply chains.

Marketing Technology News: IZEA Caps Record-Breaking January With Fortune 100 Contract Expansion

“In order to address the persistent and emerging threats that 2022 is sure to deliver, security leaders need access to forecasting data, geopolitical fluctuations and macroeconomic trends that provide indications and warnings of state-nexus and criminal threat actors’ next targets.”

Threat actors around the world made 2021 an extremely stressful year for security teams—perhaps the most challenging year on record. ZeroFox Intelligence observed record-setting ransomware incidents, more supply chain compromises, and increased geopolitical tensions in Europe and Asia. ZeroFox was also the first threat intelligence firm to discover a variant of ransomware called Colossus whose operators appeared to be highly familiar if not directly associated with other existing ransomware-as-a-service groups. Looking towards 2022, it is imperative that security teams understand the growing external cybersecurity threat landscape and criminal underground to appropriately resource their teams and employ strategies to effectively address emerging threat tactics, techniques, and procedures; not last year’s TTPs.

“In 2021, ZeroFox advanced our intelligence capabilities to further detect threat infrastructure and activities to provide timely, relevant and actionable intelligence to our customers. Leveraging that intelligence, our team of threat researchers, hunters and analysts is forecasting significant increases in the demand for Initial Access Brokers services, the use of Java-based vulnerabilities to recreate the success of Log4j, and the competition between infostealer developers,” said Brian Kime, Vice President of Intelligence Strategy and Advisory for ZeroFox. “Throughout 2022, ZeroFox Intelligence will continue to expand capabilities and improve our collection and analytical tradecraft to answer even more requirements for our customers and address emerging threats at scale.”

The 2022 Threat Intelligence Forecast report includes in-depth assessments of key external threat trends including:

  • Ransomware: ZeroFox anticipates a continued increase in ransomware attacks and extortion activities particularly targeting the financial, manufacturing, retail, and healthcare sectors
  • Third-Party Compromises (TPC): ZeroFox expects an increase in the use of third-party compromises as a means to distribute ransomware. The continued expansion of software supply chains will also likely contribute to a rise in TPC attacks
  • Malware-as-a-Service: ZeroFox assesses that, in 2022, there will be an increase in the use of information stealers within underground criminal markets, providing a lucrative outlet for various cybercriminals to peddle stolen credentials from various stages of an organization’s network compromise
  • Initial Access Brokers: ZeroFox assesses with high confidence that the demand for Initial Access Brokers services will continue to thrive in 2022, with more threat groups or individual actors attempting to sell access given the relatively low risk and high demand from various malicious groups
  • Vulnerabilities and Exploits: ZeroFox predicts that nefarious actors will research more Java-based exploit avenues, focusing on common libraries exposed to attacker control content
  • Phishing-as-a-Service: ZeroFox anticipates that cyber criminals will continue to use automation to fuel the growth of sophisticated Phishing-as-a-Service kits for sale and license
  • Cryptocurrency: ZeroFox expects remittance-heavy economies to move towards digital currencies in 2022 at a faster pace, especially in the Middle East and Central Europe

“The 2022 Threat Intelligence Forecast is rooted in our global intelligence collection gathered from the past 12 months, combined with the expertise from our world-class team of analysts and researchers with extensive experience and unmatched access for researching activities in the criminal underground,” said AJ Nash, Vice President of Intelligence for ZeroFox. “In order to address the persistent and emerging threats that 2022 is sure to deliver, security leaders need access to forecasting data, geopolitical fluctuations and macroeconomic trends that provide indications and warnings of state-nexus and criminal threat actors’ next targets.”

Marketing Technology News: Cameyo & Dito Form Alliance to Deliver End-to-End Zero Trust Security for Ultra-Secure…

Picture of Business Wire

Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

You Might Also Like