Virtualization Technology News and Information
Vade 2022 Predictions: Hackers Take Aim at Email, AI Lends a Helping Hand

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Hackers Take Aim at Email, AI Lends a Helping Hand

By Adrien Gendre, Chief Products Officer, Vade

2021 saw a stunning amount of innovation in cybersecurity. Unfortunately, it was hackers who stole the show. From Colonial Pipeline to Kaseya, the year's biggest cyberattacks were launched by sophisticated, well-funded gangs of hackers whose skills outmatched the technologies designed to stop them. 2022 will no doubt bring more headlines-and headaches-for businesses around the world.

The effects of the pandemic will drag on

From regional events like elections to global events like the Olympics, current events cause geographically distributed groups to become intensely focused on a single topic for a period of time. It makes a hacker's job easy because they don't have to guess how to pique their target victim's interest.

Email provides the platform for hackers to socially engineer users into causing data breaches. From phishing emails impersonating health organizations to spear phishing emails impersonating human resources employees, COVID-themed emails were the weapon of choice during the pandemic.

Nearly two years later, cybercriminals are still exploiting the situation. In Q2 and Q3 of 2021, 10 percent of all COVID-themed emails captured by Vade were malicious. With countries around the world still seeing high rates of infection and political upheaval at its peak, we expect these numbers to remain stable in 2022. Away from the prying eyes of managers and the IT department, remote workers are vulnerable not only to social engineering but also the poor cyber practices that invite breaches of all types.

AI will become a requirement

AI has proven itself to be a formidable foe for cybercriminals, but many businesses still have not made the leap to using AI in cybersecurity. While AI might have been considered ‘nice to have' only a year ago, it will soon be a requirement.

AI's efficacy at learning patterns and detecting anomalies is unmatched. In the realm of email, it enables AI algorithms to detect suspicious email traffic, identify spoofing, uncover obfuscations, and recognize malicious text. In the hands of cybercriminals, AI will be used to analyze software, discover vulnerabilities, and launch attacks. 

Combining AI with automation will assist hackers in industrializing their attacks. We are already seeing high levels of automation in email attacks. This includes targeted attacks in which hackers auto-generate company logos on phishing pages and scan IPs when users click phishing links to determine whether they are the intended targets. AI will help hackers industrialize this process, with more intelligent automation and even email content generation.

MFA adoption will increase, and hackers will be waiting

Adopting MFA is no longer an option but an imperative that could mean the difference between a thwarted attack and a significant breach. Remote work has compounded the need for MFA, and even businesses that were lagging behind have come around to the merits of the technology. According to a report by Yubico and 451 Research, MFA was the most adopted new security technology due to COVID-19.

As many businesses have found, however, MFA is not foolproof. Main-in-the-middle attacks, in which hackers perform reconnaissance on victims and intercept credentials generated by MFA, are the primary method for bypassing the technology. As MFA technology becomes more sophisticated and gets better at blocking man-in-the-middle attacks, we expect hackers to stay one step ahead, as is always the case.

Looking ahead while learning from the past

While cybercriminals are full of surprises, they tend to stick with the techniques that have served them best and improve upon them when security technology catches up. To stay ahead of the hackers, security teams and technology must keep a similar eye on the past, learning from mistakes and anticipating future attacks.



Adrien Gendre, Chief Products Officer, Vade

Adrien Gendre 

Adrien Gendre is Chief Product & Services Officer at Vade Secure. His product vision and cybersecurity experience has been instrumental in Vade Secure's evolution from startup to world leader in predictive email defense. A speaker at M3AAWG (Messaging, Malware & Mobile Anti-Abuse Working Group), Adrien is a sought-after email security expert who shares his expertise to educate businesses about email threats and facilitate new approaches in the cybersecurity community. With unparalleled access to global email threat intelligence, Adrien brings his email security expertise and innovative product approach to the ongoing development and advancement of phishing, spear phishing, and malware protection technologies at Vade Secure.

Published Thursday, November 11, 2021 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2021>