Authlogics Authlogics
  • Solutions
    • Password Security Auditing
    • Password Policy Compliance
    • Password Breach Database
    • Passwordless Authentication
    • Deviceless OTP
    • Single Sign-On
    • Cloud Protection
      • Amazon Web Services
      • Azure and Office 365
    • Helpdesks
    • Retail Banking
    • Transaction Verification
  • Products
    • Password Security Management
    • Multi-Factor Authentication
      • Authenticator Mobile App
      • PINgrid
      • PINphrase
      • PINpass
      • Yubikey
    • System Agents
      • ADFS Agent
      • Domain Controller Agent
      • Exchange Agent
      • Remote Desktop Agent
      • Windows Desktop Agent
  • Resources
    • Demonstration
    • Whitepapers
    • Datasheets
    • Case Studies
    • Use Cases
    • Pricing
    • Blog
    • Accolades
    • UK Government: G-Cloud
  • Partners
    • Find a Reseller
    • Find a Distributor
    • Technology Partners
    • Become a partner
    • Password Security Portal
  • Company
    • Contact Us
    • Intellectual Property
    • About Us
  • Support
    • Downloads
    • Documentation
    • Knowledge Base
    • Community
    • Log a call
Authlogics Authlogics
  • Solutions
    • Password Security Auditing
    • Password Policy Compliance
    • Password Breach Database
    • Passwordless Authentication
    • Deviceless OTP
    • Single Sign-On
    • Cloud Protection
      • Amazon Web Services
      • Azure and Office 365
    • Helpdesks
    • Retail Banking
    • Transaction Verification
  • Products
    • Password Security Management
    • Multi-Factor Authentication
      • Authenticator Mobile App
      • PINgrid
      • PINphrase
      • PINpass
      • Yubikey
    • System Agents
      • ADFS Agent
      • Domain Controller Agent
      • Exchange Agent
      • Remote Desktop Agent
      • Windows Desktop Agent
  • Resources
    • Demonstration
    • Whitepapers
    • Datasheets
    • Case Studies
    • Use Cases
    • Pricing
    • Blog
    • Accolades
    • UK Government: G-Cloud
  • Partners
    • Find a Reseller
    • Find a Distributor
    • Technology Partners
    • Become a partner
    • Password Security Portal
  • Company
    • Contact Us
    • Intellectual Property
    • About Us
  • Support
    • Downloads
    • Documentation
    • Knowledge Base
    • Community
    • Log a call
2022 Predictions

The Rise of Ransomware, Cryptocurrency Corruption, and Vaccine Vulnerabilities.

Kate Wotherspoonon 21st December 2021

2021 started with a bang, just the first 6 months saw some of the largest and most harmful cyberattacks ever witnessed, such as SolarWinds and the attack on the Colonial Pipeline. These gave us a small taste of how the rest of the year would go, as attackers continued to attack vulnerable organisations and introduce us to their new and improved tactics. JBS Food fell victim to a cyberattack, a hacker attempted to change the pH levels at a water treatment facility, online learning was impacted in the UK when schools in the Isle of Wight were hit, and the Kaseya hack impacted approximately 1.5k businesses. And these are only a few of the incidents seen this past year. Threat-actors have targeted hospitals, schools, even charities, demonstrating their ruthlessness as they become increasingly sophisticated and dangerous.

Reflecting on the past year

While other industries have struggled as the COVID-19 pandemic continued throughout 2021, the cybersecurity industry has been in high demand as businesses have recognised how online activity has increased from both an employee and consumer perspective. Organisations have scrambled to buy the newest solutions, without really knowing what they’re for, in an attempt to protect themselves and their employees. In some cases, stronger security measures have been successfully implemented in many organisations, to protect against vulnerabilities, but there is still a long way to go in terms of securing accounts and passwords, which have posed a serious blind spot for many industries.

 Passwords themselves create a substantial cybersecurity gap, as we saw with various breaches this year. For instance, the Authlogics Password Breach Database tells us that, in October 2021, data reportedly from the website coffeefads[.]co[.]uk was posted on a popular hacking forum. The data contained emails, names, and hashed passwords, providing threat-actors with an easy and legitimate gateway onto the company’s servers. There were over 8700 compromised passwords, which we were able to recover in plain text. Even worse, a mobile parking app (ParkMobile) suffered a data breach in March, during which 20,949,825 passwords were compromised.. Another example found on our database in 2021 was a breach exposing 1.4 million unique customer email addresses from customers on MeetMindful, an online dating service. This exposed a vast amount of sensitive information including geographical locations, IP addresses, and passwords stored as bcrypt hashes. Shockingly, 1,422,717 passwords were compromised on this platform – no wonder malicious actors found a way to access the servers and extract valuable information. These are just a few examples amongst thousand others, which underline the importance of secure account management and good password practices. Threat actors don’t discriminate amongst their victims. Essentially, no one is safe and a lack of multi-factor authentication or adequate security besides passwords, leaves accounts unsecured and puts individuals and entire businesses at risk of breach.

Now that 2021 is coming to an end, it is time to start looking ahead and prepare for the advancing threat-landscape and the dangers it could bring. Which existing trends will accompany us into the new year? Will they evolve? Will we see any news trends that may be somewhat unexpected? Of course, we cannot see into the future with 100% clarity, however it’s important to consider what trends will stick around in order to prepare for the worst-case scenario and not get caught with our pants down.

 

What’s in store for 2022?

Rise of Ransomware: If you thought ransomware was big in 2021 you’ve seen nothing yet. We should expect to see not only more large public attacks like we saw with the Colonial Pipeline, but also many more small, targeted attacks on specific verticals – in particular healthcare and pharmaceuticals.

Vaccine Vulnerabilities: The continuing mainstream and social media hysteria together with the ever-changing government rules over Covid-19 and vaccines has created a perfect environment for bad actors to trick and manipulate people into giving away their private, even medical, information.

Continuation of Compromised Credentials: A lack of awareness and training leaves victims vulnerable as they often don’t know what to look for when attempting to identify a phish. Threat-actors no longer suffer from bad grammar and poorly constructed email addresses, and phishing attacks are becoming almost impossible to spot. As a result, hackers have never been so successful in manipulating their victims into handing over legitimate login credentials. They may as well be holding the door wide open for someone seeking easy, unauthorised access.

Steven Hope, our CEO and co-founder believes that: “despite many viable alternatives, passwords will still dominate as the primary login method, at work, and at home. Unfortunately, legacy password policies and bad personal practices will most certainly continue.” With this in mind, the pandemic has shown us that there is no need for employees to work from their offices full time. As a result, employees will be seeking out more flexible work arrangements, which paired with the uptick in account breaches and password leaks, will slowly increase the demand for multi-factor authentication across organisations.

Cryptocurrency Corruption: On another note, cryptocurrencies will also continue to make major waves in 2022. We believe they will disrupt traditional institutions and find their place in daily life. The waves will be large with continuing volatility in the short term; consequently, there will be more disparity between the ‘winners’ and ‘losers’ when it comes to stocks and trading. As a result, we will see much more “market-making”, media, and technical attacks on Bitcoin and Ethereum as they further mature and develop. However, we should expect these not only to survive into the new year, but to thrive. An example of this is the El Salvador experiment, which potentially gives us a glimpse into how cryptocurrencies will play a part in all our futures – for better or worse, whether the respective government likes it or not. In addition, newer currencies such as “Fedcoin” and “Britcoin” will continue to occupy the media and attempt to move focus off of decentralised crypto currencies; although this will be all talk, with no real functional outcome

Metaverse Domination: On a more personal level, in 2022 as more people become aware of the Metaverse, somebody in your friendship circle may have heard of it, while another may be able to speak a bit about what it is and what it’s for, but nobody will be able to explain how 15-year-olds are making millions from it.

It’s not about “if” but “when”: Ultimately, uncertainty will be an unfortunate theme that will follow us into 2022, which will continue to be present in the news. We need to be prepared for anything and everything and make sure we have the right security measures in place to protect our valuable assets and information.

We believe that those who limit social and mainstream media, ditch using passwords, and buy some Bitcoin will be happier and better off by next Christmas.

Authenticate with Authlogics in 2022, with or without passwords – we’ve got you covered!

info@authlogics.com  |  +44 1344 568900

 

 

in Business, Customer Experience, Data Breach, Password, Password Security, Predictions, Remote Working
tags: Authlogics, business, compromised credentials, cybersecurity, data breaches, password security
  • Previous

    The biggest risk to retailers and consumers on Black Friday / Cyber Monday? Breached and insecure passwords

  • Next

    ARTICLE: When cutting costs on defending your networks isn’t an option

Recent Posts

  • Top Ten Universities Vulnerable to Data Breaches and Need Better Password Education
  • Strong Leaders Don’t Have Strong Passwords
  • If You Do One Thing on World Password Day, Find Out How Many of Your Passwords are Being Shared Around the World
  • The Road to Password Hell is Paved with Good Intentions
  • ARTICLE: When cutting costs on defending your networks isn’t an option

Recent Comments

  • Top Ten Universities Vulnerable to Data Breaches – The ID Bulletin on Password Security Management
  • The highway to password hell is paved with good intentions - Andre HOT on Have you been Pwned? Most likely
  • The street to password hell is paved with good intentions - Trend Directory on Have you been Pwned? Most likely
  • The highway to password hell is paved with good intentions - Theopenlab on Have you been Pwned? Most likely
  • The highway to password hell is paved with good intentions - Lecheyre.ch on Have you been Pwned? Most likely

Archives

  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • February 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • May 2020
  • April 2020
  • February 2020
  • January 2020
  • December 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • January 2019
  • September 2018
  • January 2018
  • October 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015

Categories

  • Authentication
  • Awards
  • Business
  • Compliance
  • Customer Experience
  • Data Breach
  • Download
  • Implementation
  • Management
  • Marketing
  • Multi Factor Authentication
  • Password
  • Password Replacement
  • Password Security
  • Passwordless Authentication
  • PIN
  • Predictions
  • Remote Working
  • Security
  • Single Signon
  • Strategy
  • Uncategorised

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Contact us

UK: +44 1344 568 900
US: +1 408 706 2866

sales@authlogics.com
info@authlogics.com

Visit us

329 Doncastle Road, Bracknell,
Berkshire, RG12 8PE, UK

Map it »

1551 McCarthy Blvd, Suite 215,
Milpitas, CA, 95035, US

Map it »

Follow on

Legal information

Privacy Policy
© Authlogics Ltd. All Rights Reserved.