Virtualization Technology News and Information
SlashNext 2022 Predictions: 2022 - The Year of Human Hacking

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

2022 - The Year of Human Hacking

By Patrick Harr, CEO, SlashNext

Necessity is the mother of all inventions. As cybersecurity improves, the threats they keep at bay look for new opportunities. Cybercriminals continue their search for low-risk, high-reward targets - 2021 was a defining year for how bad actors try to exploit the weakest points in organizational security.

When contributing to VMblog's annual prediction roundup last year, I noted that phishing, personal attacks, and widening attack surfaces would expand hand-in-hand with remote working and decentralized company infrastructure. Those were already trends, but SlashNext's research showed clear jumps in activity numbers, and our latest research, reflecting on 2021, reveals even higher numbers.

For example, social engineering has roared back from the fringes, jumping from presences in 6 percent of phishing attacks to over 40 percent. And the notion that criminals primarily focus on specific channels such as email can be retired. They are gunning across a much broader spectrum of platforms. Not only that, but they are increasingly using legitimate cloud platforms to do their work.

2021 became symbolic of cybercrime because of the Colonial Pipeline shut down, and it's sobering to ponder that 2022 might deliver numerous such significant attacks. The trends urge a realization, which I'll make my first prediction for 2022:

Phishing is a human problem

Phishing is not going anywhere - SlashNext's Threat Labs saw a 51 percent increase in phishing in 2021 compared to 2020. But it's time to consider a more encapsulating definition of such threats.

While security teams harden infrastructure and focus their interventions on channels such as emails, the criminals are expanding their attempts to all digital channels - including SMS/text, Slack, LinkedIn, Zoom, and much more. As mentioned earlier, social engineering has resurged. Cybercriminals are not sticking to singular methods for their attacks, so we should revisit our language for 2022.

At SlashNext, we started referring to this as "Human Hacking" - multi-channel attempts to dupe people into compromising their systems and credentials. As we state in our 2021 Human Hacking report: "Humans are the most porous cybersecurity entry points into an organization." As human interactions spread across multiple channels, so does cybercrime.

Remote working culture is raising risks

Browsers and mobile apps are increasingly how we engage with technology services, a trend amplified by remote working. Criminals have followed that trail, and we've seen a widening range of tactics that they deploy.

Attacks are now prevalent across popular services, including WhatsApp, Snapchat, Box, LinkedIn, Slack, Teams, Discord, and many more. Fake login pages remain a favorite tool, but criminals aren't limiting themselves. In 2021, SlashNext Threat Labs identified 2.5 million phishing attacks that did not involve fake login pages but instead malicious browser extensions, rogue apps, and social engineering scams leading to backdoor access.

Using apps and browsers to increase productivity in a hybrid remote/office working environment helps cybercriminals target organizations' most vulnerable and least protected parts. Protecting users from human hacking attempts will be an important trend in 2022 as phishing continues to move beyond email to include collaboration and team communication tools.

Criminals use legitimate infrastructure against us

Many of SlashNext's 2021 findings aren't that surprising as they tend to reflect existing trends. It's the amplification and diversification that is more staggering. Yet one trend is surprising. In recent years, security researchers noticed that some attacks originate from legitimate infrastructure. Cybercriminals are clandestinely using the likes of AWS and Azure to launch their attacks.

For example, during August 2021, 12 percent (or 79,300) of all malicious URLs identified by SlashNext came from legitimate cloud infrastructure, including AWS, Azure,, and By using legitimate infrastructure and their trusted domain status, criminals can evade current detection technologies more easily. We expect the practice of piggybacking on trusted reputations to escalate significantly during 2022 because it is a highly effective tactic.

AI is the best defense

We shouldn't be dismayed by these figures. Cybersecurity is not failing. It's working, thus forcing criminals to explore new avenues. Yet massive data breaches fuel human hacking activities. For example, the hundreds of millions of LinkedIn user details stolen in 2021 have created a surge in fake login and profile pages.

But if the enemy is adapting, so can we. In terms of phishing and human hacking, established security tools like SEG, proxy, SASE, and endpoint protection aren't enough to prevent successful attacks. They can lack the speed and accuracy to detect the newer techniques we're seeing.

AI, on the other hand, is that fast and accurate because it can emulate human cognitive reasoning. It centers on behavioral analysis of the content and can detect threats missed by human forensics, URL inspection, and domain reputation analysis used by established security tools. The security market reflects this: AI has graduated to take the central role in many current security solutions. It's our primary defense against desperate yet creative and tenacious bad actors.

Those bad actors have become sophisticated with access to easy-to-obtain and affordable automation technology. That enables them to deliver targeted spear-phishing attacks on a massive scale through unprotected channels and move faster than many traditional phishing detection services. Protecting users from multi-channel phishing and human hacking will be a significant trend in 2022 as phishing continues to move beyond email and into Human Hacking.



Patrick Harr 

As CEO of SlashNext, Patrick Harr directs a workforce of security professionals focused on protecting people and organizations from phishing anywhere. Before SlashNext, Harr was CEO of Panzura, which he transformed into a SaaS company, grew ACV 400%, and led to successful acquisition in 2020. He has held senior executive and GM positions at Hewlett-Packard Enterprise, VMware, BlueCoat and was CEO of multiple security and storage start-ups, including Nirvanix (acquired by Oracle), Preventsys (acquired by McAfee), and Sanera (acquired by McDATA).

Published Monday, January 24, 2022 7:30 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2022>