Work from Home Trend and Crypto Hype to be Exploited in 2022 - GADGET-INNOVATIONS

Work from Home Trend and Crypto Hype to be Exploited in 2022

Share This




Avast experts predict and warn of audio Deep Fakes, optimized ransomware campaigns, and crypto malware




Cybersecurity experts from Avast (LSE:AVST), a global leader in digital security and privacy, foresee cybercriminals making advancements to ensure the effectiveness of ransomware, a continuation of cryptocurrency scams, heists, and crypto mining malware. Attacks abusing companies with work from home policies in place are also anticipated.




Ransomware gangs will step up their game in an attempt to keep up momentum

FinCEN, the US’s Financial Enforcement Network, reported the total value of suspicious activity related to ransomware in the first half of 2021 was 30% higher than the amount filed for all of 2020. This year, vital businesses such as the Colonial Pipeline, JBS, one of America’s largest beef producers, and Swedish supermarket chain, Coop, were affected by ransomware. Avast researchers predict the global ransomware crisis to deepen in 2022, with further attacks on critical infrastructure, such as aviation.




In order to better target businesses, the researchers believe cybercriminals offering ransomware as a service (RaaS) will improve affiliate models, including adding ransomware designed for Linux, better payouts, and building upon extortion layers. The Conti ransom gang recently threatened to sell access to the hacked organization  in addition to selling or publishing files if a company refuses to pay. Furthermore, attacks are expected to be carried out by company insiders.




Cybercriminals will continue to collect digital coins

With Bitcoin reaching a new all time high in 2021, Avast experts forecast a continuation of the use of crypto mining malware, cryptocurrency related scams, and malware targeting cryptocurrency wallets, as well as heists on exchanges in 2022. 




Work from home will keep company doors open for cybercriminals

While some aspects of public life have returned to normal, or a hybrid version of what society once was pre-pandemic, work from home will likely continue. According to a McKinsey survey from May 2021, office space managers expect a 36 percent increase in work time outside of their offices, after the pandemic. Working from home provides employees and companies benefits, but poor implementation in terms of network security set-ups will continue to put companies at risk.




“Misconfigured VPNs, especially without two-factor authentication, leave businesses particularly vulnerable as they are basically a locked door protecting extremely valuable information that would be better protected with a second lock or in a safe. This scenario gives cybercriminals easy access into a company’s network, if they can either get their hands on login credentials or can crack these,” explains Jakub Kroustek. “Another work from home related risk is employees downloading company data onto their personal device, which may not have the same level of protection as their company issued device.”




Additionally, Avast experts predict audio deepfakes will be used in spear-phishing attacks. Criminals will use deepfake audio to imitate an executive or other employee to convince someone to grant them access to sensitive data or to a company’s network.




“Cybercriminals may have more success with deepfake audio, because many people are still working from home. This means they cannot either see that the person on the phone is really at their desk typing and not on the phone with them, or they cannot confirm the person’s request by physically going over to them,” continued Jakub Kroustek.




How to protect oneself from attacks going into 2022

“No one should assume they are immune to cyber attacks, regardless of the operating system they use and the amount of technical expertise they have, software producers included,” explains Jakub Kroustek. “Supply chain attacks, like the attack on Kaseya that spread ransomware to its clients, happen time and time again and will continue to occur. It is therefore  vital devices be protected with security software”.




Patching will continue to be essential when it comes to combating ransomware and other attacks that propagate via unpatched software. Attackers will use vulnerabilities/exploits more frequently, even for commodity malware, like crypto miners, according to Jakub Kroustek.




Computer and mobile users alike should stick to official sites and app marketplaces when downloading software and updates to avoid malware and scams, as well as read reviews carefully to catch any red flags. Moreover, users should avoid clicking on suspicious links, such as links sent from unknown senders, regarding purchases, for example, that they did not make, or related to accounts they do not have, and links that do not match the service being referred to in messages.




Two factor authentication should be applied wherever possible, this applies to consumers and businesses alike, but is especially important for VPN configurations.




Finally, in terms of actions police can take to combat and eliminate the source of attacks, Avast experts foresee Infrastructure as a Service (IaaS) to be used more frequently, with malware authors primarily focusing on their malware, rather than the infrastructure it lives on. This could allow police to take down IaaS, to take down entire operations.



Bangalore, India, December 9, 2021