Anuncio de 19. noviembre 2021

G DATA IT Security Trends 2022: Artificial Intelligence makes cyber attacks more dangerous

Attacks on supply chains are still on the increase and causing great financial damage.

In 2022, cyber attacks on companies will continue to increase, with attackers consistently exploiting any vulnerability. They rely on multi-ransomware attacks to achieve their goals, and are using Artificial Intelligence to produce better malicious code. The possibility of Android apps being integrated into Windows 11 also offers criminals a new attack vector.

The increasing trend in cyber crime will continue in 2022. Attackers are targeting companies generally in order to make the maximum of profit. In doing so, they are taking a division of labour approach and refining their methods. One trend in the coming years is that attackers will misuse legal tools for their purposes, such as malware programming via Codex. This is Artificial Intelligence that converts language into different programming languages, such as Python, JavaScript or PHP. Codex makes programming easier and faster and reduces errors in the code. Malware authors can now benefit from this as well - it means that they can write malware faster and better. At the same time, attackers are using new languages for malware, such as Kotlin or Swift. New principles and features are making life easier for cyber criminals.

Karsten Hahn

Criminals are having to adapt their strategies because it is no longer enough to hide malicious code from security software using packers. Malicious code in new programming languages is sometimes more difficult to analyse because there is initially little support from special analysis tools. But this is only a matter of time. So the old cat-and-mouse game between criminal hackers and defenders goes on.

Karsten Hahn

Malware Analyst at G DATA CyberDefense

Ransomware on Steroids

However, it is not only new attack options that threaten networks in companies, organisations and municipalities, but also the ongoing development of existing, profitable attack vectors. Therefore, more multi-ransomware attacks can be expected. With these, the criminals combine multiple attack vectors. They syphon off data from the company, encrypt data in the network and carry out a DDoS attack on the company's website. They then blackmail not only the company but also its customers and threaten to publish personal data if they do not pay up. Furthermore, the attackers adapt their targets to increase the pressure on their victims. Therefore, in the future, they will no longer be exclusively attacking company infrastructure, but also interconnected products - from vehicles to game consoles, kitchen appliances or networked industrial plants. Another trend is that operators of critical infrastructures in particular are being increasingly targeted, because they have a large, valuable collection of data.


Tim Berghoff

The level of IT security in companies is directly related to the overall level of the IT. The more professionally a company is set up, the higher the level of security is here. Small and medium-sized companies have a lot of catching up to do. They need to free up budget for this and either hire expert staff or work with external service providers.

Tim Berghoff

Security Evangelist at G DATA CyberDefense

Windows 11: access through the Android backdoor

With the possibility of Android apps being integrated into Windows 11, Microsoft is not only opening up new options for users to play games on a large monitor instead of a smartphone screen. It is also opening up new ways for cyber criminals to attack Windows computers and inject malicious code into systems. Companies and IT administrators also face challenges here if a bring-your-own-device policy allows the use of private Android devices at work. At present, developers of mobile malware are still struggling with a number of practical problems, such as approval procedures in app stores. However, mobile malware can be disguised as an update for a popular software package and thus will infect smartphones because so many people are careless and do not pay attention to warnings.

SMEs in the crosshairs

2021 has already shown that cyber criminals are increasingly attacking supply chains to infiltrate companies. This trend will not only continue, but also intensify. Small and medium-sized enterprises in particular are coming into focus, because they still do not pay the necessary attention to the subject of IT security. They are often the weakest link in the chain and offer attackers a gateway for infiltrating even larger organisations.


Anuncio de 19. noviembre 2021