It is prediction time once again, and we’ve polled some of our esteemed experts here at Netskope to see what’s piquing their interest with 2022 on the horizon. Much like our predictions last year, we’ve broken the list out into some longer shots and some pretty safe bets. Here’s what we think is in store for 2022.

On Saturday November 13th, hundreds of thousands of recipients received an email from the FBI with the subject line of “Urgent: Threat actor in systems.” Thankfully for the recipients, it turned out the threat described in these emails wasn’t real as, unfortunately, the FBI had suffered an external email breach resulting in fake warning messages being sent out.

Iranian government-sponsored advanced persistent threat (APT) actors are exploiting known Microsoft and Fortinet vulnerabilities to attack targets with ransomware in the transportation, healthcare and public health sectors, according to an alert issued on Nov. 17 by the Cybersecurity and Infrastructure Security Agency (CISA).

A recently published report from the US Government Accountability Office (GAO) has warned that official security guidance from the Department of Education is out-of-date, and needs to be refreshed to address the increasing reports of ransomware and other cyber threats.

Ransomware has quite rightly been one of biggest ongoing stories of 2021 – and not just in the world of cybersecurity. The biggest ransomware cases where major companies have been forced to a halt until they pay a ransom have made global, headline news. The impact to victim organizations is usually financial loss and reputational damage. However, in cases such as the Colonial Pipelines attack, ransomware has caused real-world impacts on the general public too.

Protecting your business against a cyberattack means diligently monitoring for activity that could indicate an attack is in progress or has already occurred. Locating these pieces of forensic data (such as data found in system log entries or files) ultimately helps you identify potentially malicious activity on your system or network.

October marked a dubious milestone for cybersecurity. A report from the Identity Theft Research Center confirmed that the number of cyber attacks reported through the first nine months of the year exceeded the total recorded for the entirety of 2020. And not by a small margin either—attacks are up 17% in 2021 compared to last year. Clearly, hackers have been busy, as have the cybersecurity experts tasked with mitigating the damage.

The number of ransomware attacks continues to grow, and that trend will likely continue in 2022. Organizations will be attacked, files will be encrypted, and victims will need to decide whether to pay ransom or try to implement expensive and painful recovery techniques on their own. That much, unfortunately, should come as no surprise, but what will be different is how those attacks are carried out.

FIN7 is a well-organized criminal group composed of highly-skilled individuals that target financial institutions, hospitality, restaurant, and gambling industries. Until recently, it was known that high-level individuals of this criminal enterprise were arrested — specifically 3 of them — and extradited to the United States. This criminal group performed highly technical malicious campaigns which included effective compromise, exfiltration and fraud using stolen payment cards.

Cyberattacks can take many forms. Those intended to disrupt a business often happen as denial of service (DoS) attacks, and its even more disruptive cousin, the distributed denial of service (DDoS) attack. Such attacks are often executed by a botnet, which is a network of infected machines or connected devices at the order of a botmaster. Botnet attacks present yet another challenge for security and IT teams focused on cybersecurity.