Virtualization Technology News and Information
Avanan 2022 Predictions: Ransomware Will Continue to Take Center Stage

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

In 2022, Ransomware Will Continue to Take Center Stage

By Jeremy Fuchs, Cybersecurity Analyst at Avanan, a Check Point Company

2021 brought a dizzying array of security-related lapses, stories, and trends. From our vantage point in email security, we see the threats that target companies of all sizes and industries constantly evolving. Security solutions are becoming more advanced to protect against increasingly sophisticated threats, rapidly accelerating that evolution. Here's what we expect to be in store for the security industry as it continues to evolve in 2022.

1.  Ransomware will continue to increase on an exponential basis.

In 2022, ransomware will continue to be top of mind. In 2021, ransomware hit the public consciousness. It's become a dinner table conversation starter. Ransomware will not simply go away. It will continue to increase and on an exponential basis. Even as sanctions and other regulations begin to take effect, hackers will find new ways to evade such limiting factors. With phishing remaining the number one cause leading to ransomware, organizations have to find ways to mitigate the phishing problem. That starts with prevention. If not, ransomware will enter an organization. At this point, it's a question of when, not if, ransomware will hit.

The hardest-hit industries will be healthcare and education. Both industries hold valuable data and are often under-prepared for such attacks. In 2021, the education sector is the most targeted, globally, with an average of 1,468 attacks per organization per week. Further, 1 out of 44 healthcare organizations have been impacted by ransomware each week.  They've been hit hard in 2021, and hackers will escalate in 2022. Where there is data, there will be attacks.  Organizations in all industries will have to establish requirements in order to ensure a ransomware recovery plan is in place. That starts with an already-identified response team. It should consist of an incident response group within the company, legal counsel, a forensics team and potentially a negotiation team. Knowing who to go to and being able to do so quickly, is essential.

2.  Hackers will continue to exploit legitimate sites for phishing attacks.

Hackers will continue and escalate the use of legitimate sites to host and deliver phishing attacks. In 2021, Avanan analysts have seen a major uptick in the use of legitimate sites like Google Docs, DocuSign, Movable Ink and Milanote to host phishing sites. These attacks work because these legitimate services are on most static Allow Lists. Because of that, the actual links aren't scanned, allowing hackers to bypass protections and reach the inbox. In 2022, we'll see hackers ramp up their efforts, leveraging even more legitimate sites. Some of the most impersonated sites-Microsoft, DHL, Amazon, etc-will be utilized to fool scanners and get into the inbox. In 2022, every popular site needs to be on notice.

3.  Collaboration App Attacks Will Only Rise

Even though companies are opening their office doors again, the use of collaboration apps like Slack and Microsoft Teams will not die down. If anything, the hybrid work scenario will lead to more usage of these apps. By default, these apps are not necessarily protected. Data loss protections are minimal; sensitive company information can easily flow to other departments or outside the organization. Impersonation attacks are simple to implement and tough to identify. East-west attacks are at increased risk; third-party app integrations broaden the attack surface. Malicious links and messages are not automatically scanned. It's far too easy for hackers to either impersonate a user or find a compromised account and begin sending malware. End-users are often left in the dark and thus susceptible to these attacks.

4.  Supply Chain Attacks Will Increase

A supply chain attack happens when an organization is compromised and sends malware or other dangerous items to its entire network.  The most famous example of this is probably the SolarWinds attack from earlier in 2021, but it was just one of many that occurred in 2021. This means that organizations are only as secure as their partners. Since only one weak link in the chain can cause major damage, these attacks will only increase. And since one partner can send malware to thousands of others, it's a particularly efficient attack. Ensuring your security can automatically learn and discover a supply chain is essential, as is the rigorous vetting of all companies you do business with.

5.  Data Breaches will happen at bigger rates, for bigger costs

The average data breach cost has risen by nearly 10% from 2020 to 2021. Additionally, hackers have gotten more brazen with their financial demands. As more and more defenses are broken, it will be easier to ask for more ransom. Already, a record $40 million was paid to hackers in ransom by a large US insurance giant in 2021. That number will be eclipsed in 2022.


Security is always evolving. In recent years, that evolution has seemingly taken a turn for the worse. Unfortunately, that appears to be the case for 2022. However, security solutions have advanced to a point where it's possible to stop attacks and remain safe.



Jeremy Fuchs 

Jeremy Fuchs is the content manager for Avanan, the leading cloud email and collaboration solution.

Jeremy can be reached online at,, and at our company website

Published Friday, November 19, 2021 7:33 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2021>