A question on the lips of many in the technology sector is whether 2022 will be the security turning point? Considering this matter is Dr. Darren Williams, CEO and Founder of BlackFog (a company that deals with on-device data privacy, data security and ransomware prevention).
Williams considers the evolution of ransomware gangs, food supply vulnerabilities (where supply chains are often exposed), together with up and coming threat actors (building upon the trajectory seen throughout 2021).
Digital Journal: Will ransomware gangs start to rival enterprises in complexity?
Darren Williams: In the past year, we’ve already seen ransomware gangs morph into savvy businesses with sophisticated organizational structures, with one going so far as to create a fake company to recruit talent. In 2022, we’ll see this trend continue to pick up steam, with greater coordination between gangs, double extortion evolving to triple extortion and short selling schemes skyrocketing.
DJ: You’ve said companies who pay ransoms will pay in other ways. What does this mean?
Williams: While many companies hit with ransomware opt to pay up to quickly resolve the situation and get back to business, they’ll find themselves paying in other ways when it comes to the court of public opinion. Consumer trust of organizations that pay the ransom will continue to erode and lawsuits will abound as organizations are thrown under the bus for not doing enough to prevent data exfiltration.
DJ: Is there a risk that areas like food supply will be compromised?
Williams: From the recent cyber incident knocking dairy giant Schreiber Foods offline to the attack on meat giant JBS, the threat to our food supply chain is dire looking ahead to 2022. As cyber adversaries continue to focus on making the biggest impact by affecting the most people, the food and agriculture industries will remain an attractive target, with a successful attack crippling our food supply likely in the coming year.
DJ: How will the cyber-insurance sector develop?
Williams: With mandatory reporting now in place and a move toward it becoming illegal to pay out ransoms, cyber insurance providers will need to rethink their business models and will likely partner with security vendors to build a more lucrative sales model.
DJ: What will be the main global developments?
Williams: We’ve seen a vast majority of cyberattacks from China and Russia, and while these adversaries will continue to dominate in the cyber realm, the coming year will see new up and coming threat actors from Southeast Asia and Africa. As cyber criminals look to find cheaper labor and technical expertise, we’ll see activity pick up in these regions in 2022 and beyond.