KPMG's cybersecurity predictions for 2022

From 'Big Data'to 'Deepfakes', KPMG UK's Head of i-4, Matthew Roach shares his cybersecurity predictions for the upcoming year.

Matthew Roach, Head of i-4 at KPMG UK, manages the KPMG i-4 cyber threat intelligence exchange for member organisations. i-4 is a confidential trust group for chief information security officer (CISOs) and cyber security leaders to find enriching content in order to stay ahead of today's cyber security challenges. He began his career with the Metropolitan Police Service, rising to the Serious and Organised Crime Agency and latterly the National Crime Agency and is a founder of the National Cyber Crime Unit. He shares his predictions for 2022.

The march of the maligned insider

COVID-19 has changed so many aspects of our working lives. As global corporations plan and implement their return from lockdown, in some cases mandating staff back into the office, many colleagues feel a mixture of reluctance, even resentment in being forced to perform a task under the harsh glare of office lighting, rather than the comfort of their own home. This ‘enforced return’ policy can generate ill-feeling and will prompt some to seek favourable opportunities elsewhere. Employers run the risk of generating a flood of ‘bad leavers’ who could walk out the door with sensitive data whilst working from home in the belief that because they are out of sight of their employer they have a lower chance of being caught. The threat actor community knows this and will seek to take advantage of those with an axe to grind.

Big data and 5G will open up new vulnerabilities for transport

The global rollout of 5G and ‘smart’ vehicles containing an orchestra of sensors is already generating sizeable data lakes of user behaviours that vehicle manufacturers will wish to retain and capitalise on. As data is widely seen as ‘the new oil’, our transportation habits will be seen as an easily exploitable vulnerability by ambitious attackers. Recent outages experienced by vehicle manufacturers have left drivers unable to operate their cars and some have been left stranded. As ‘smart’ vehicles increase in popularity, we can expect threat actors to direct their disruptive efforts more towards cars. We may even see the resurfacing of a modern day ‘digital Dick Turpin’, emulating the 17th century highway robber demanding money for travel.

A rise in deepfake attacks is expected

The technique of using AI to emulate corporate leaders’ signatures will become a more mainstream attack vector in 2022. Financial institutions have been increasingly reliant on voice analysis as a security measure and the threat actor community has already cottoned on. This method was used successfully at the end of 2021, with a $35m theft from a bank based in the UAE. Banks and global investment houses need to take note and ensure their security methods are not over reliant on any single technology solution.

Ransomware will be rebranded

As Emotet has re-emerged following the short-lived law enforcement takedown, there is evidence of collaboration between notorious ransomware gangs that will gather pace next year. Most recently, Emotet has been adapted to drop Cobalt Strike onto victim’s systems, and we can expect threat actor groups including Ryuk, Conti and Revil to work together and kick off with new campaigns targeting sectors which have not previously been subjected to such attacks – with their sights set on retail. As well as disabling systems, these threat actors will be aiming to harvest customer credentials to carry out a double extortion/secondary fraud attempts at scale. Retailers and ecommerce should ensure their client data is held in an encrypted format to protect against this threat.

Public cloud attacks on energy industry

Many companies in energy are heavy users of public cloud which is considered less secure than its alternatives, therefore, it is reasonable to assume these will be subjected to increased attacks. Threat actor groups are already conducting these attacks on a daily basis in order to obtain a foothold into energy corporations’ cloud infrastructure. It is highly advisable for corporations to conduct regular penetration tests of their cloud infrastructure to identify security gaps before the opposition does it for them.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI