G DATA IT security trends 2022: Artificial intelligence makes cyber attacks more dangerous, multi-ransomware attacks use AI and Windows 11 offers another attack surface with integrated Android apps.
Cyber crime will continue to rise in 2022. Attackers consistently exploit every weak point. In order to achieve their goals, they rely on multi-ransomware attacks and use artificial intelligence with which they create better malicious code. The possible integration of Android apps in Windows 11 also offers criminals a new target.
Cybercrime will continue to rise in 2022
The trend of increasing cyber crime will continue in 2022. Attackers target companies in particular in order to achieve maximum profit. They work in a division of labor and refine their methods. A trend in the coming years: the attackers are abusing legal tools for their own purposes, such as malware programming via Codex. An artificial intelligence that converts language into various programming languages such as Python, JavaScript or PHP. Codex makes programming easier and faster and reduces errors in code. Malware authors, who can write malware faster and better in this way, now also benefit from this. At the same time, the attackers use new languages for malware, such as Kotlin or Swift. New principles and features make cybercriminals' work easier.
"Criminals have to adapt their strategies because it is no longer enough to hide malicious code with packers from security software," says Karsten Hahn, malware analyst at G DATA CyberDefense. “Malicious code in new programming languages is sometimes more difficult to analyze because there is no support from special analysis tools at the beginning. But it's only a matter of time. The well-known cat-and-mouse game between criminal hackers and defenders continues. "
Ransomware on steroids
But it is not only new attack possibilities that threaten the networks in companies, organizations and municipalities, but also the further development of existing and profitable attack vectors. Therefore, more multi-ransomware attacks can be expected. The criminals combine several attack vectors: They derive data from the company, encrypt the data in the network and carry out a DDoS attack on the company's website.
They then blackmail not only the company, but also the customers and, if they fail to pay, threaten to publish personal data. In addition, attackers adjust their targets to increase the pressure on their victims. Therefore, in the future, they will no longer exclusively attack the infrastructure of a company, but also products that are networked with one another - from vehicles and game consoles to kitchen appliances or networked industrial systems. Another trend: Operators of critical infrastructures in particular are increasingly being targeted because they have a large and valuable treasure trove of data.
“The IT security level in companies is directly related to the entire IT level,” says Tim Berghoff, Security Evangelist at G DATA CyberDefense. “The more professional a company is, the higher the security here. Small and medium-sized companies have a lot of catching up to do. To do this, they have to free up their budget and either employ skilled staff or work with external service providers. "
Windows 11: Access through the Android back door
Windows 11 Pro for Business will also allow Android apps (Image: Microsoft).
With the possible integration of Android apps in Windows 11, Microsoft is not only opening up new possibilities for users, for example to play games on a large monitor instead of the smartphone screen in the future. There are also new ways for cybercriminals to attack Windows 11 computers and smuggle malicious code into systems.
Companies and IT administrators are also challenged here if a bring-your-own-device policy allows business-related use of private Android devices. At present, mobile malware developers still grapple with a number of practical problems, such as approval processes in app stores. However, mobile malware can be disguised as an update for a popular software package and infects smartphones because many people are careless and do not pay attention to warning messages. This in turn can make attacks on Windows 11 easier.
Medium-sized companies in the crosshairs
2021 has already shown that cyber criminals are increasingly attacking supply chains in order to infiltrate companies. This trend will not only continue but also intensify. Small and medium-sized companies in particular are coming into focus because they still do not pay the necessary attention to IT security. They are often the weakest link in the chain and offer attackers the gateway to infiltrate larger organizations.
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.