Cybereason reveals 2022 industry predictions


Cybereason made available its industry predictions for 2022 and urged the GCC region’s businesses, employees, and consumers to be ever-watchful in making the new hybrid ecosystem a safe environment in which to work, shop and live.

“For our 2022 predictions, we wanted to go beyond the usual hot topics and buzzwords lists that normally pass for insights,” said Lior Div, Co-Founder and CEO, Cybereason. “While it’s important for our customers to prepare for more of the same when it comes to things like skills gaps and the use of cloud and AI in cybersecurity, we believe they do not need domain experts to inform them of the obvious. We prefer to focus on the future shape of the threat landscape and what current threat research tells us about risks that may be just over the horizon.”

RansomOps replaces ransomware

Ransomware has swept the region anew since the pandemic created more complexity in infrastructure and a disconnect between remote-working employees and the IT function. According to recent Cybereason research, 63% of UAE businesses paid bad actors between US$350,000 and US$1.4 million following ransomware incursions in the two years prior to June 2021.

Relatively simple repurposed malware strains have been replaced by RansomOps. Cartels like REvil, Conti, and DarkSide are conducting comprehensive campaigns in which the payload is just the final link in an attack chain. Against this backdrop, 2022 will demand a refocusing of anti-ransomware tactics away from the encrypting malware itself and onto the Indicators of Behavior (IOBs) associated with RansomOps, allowing the defending organization to circumvent encryption entirely.

Supply-chain attacks will reach further Regional CISOs may be familiar with the SolarWinds incident, in which the compromise of one resource led to the compromise of many of its owner’s customers. But Cybereason research into espionage campaigns such as DeadRinger and GhostShell reveals different approaches with similar outcomes. By gaining access to telecommunications providers, state actors were able to monitor communications for customers of those operators.

In 2022, criminal gangs will adopt the successful strategies of the state actors seen in DeadRinger and GhostShell. This will likely lead to a reassessment of risk profiles by companies that are suppliers of digital services, as well as similar reassessments by their customers of how to establish trust in their supplier.

The Microsoft risk

Microsoft’s dominant role in the OS, cloud, and applications market means much of the cybersecurity threat domain is focused on the company’s offerings. As more and more organizations migrate to Microsoft environments, understanding the risks will be essential.

Lines blurring between cybersecurity and national security

This year, we have seen everything from oil to food supply chains affected by ransomware attacks. In 2022, criminal and state actors will likely collaborate and align objectives for optimal impact. In response, regional governments are likely to escalate their preparedness strategies through entities such as the Computer Emergency Response Team for the United Arab Emirates (aeCERT) and Saudi Arabia’s National Cybersecurity Authority (NCA).


Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922

Subscribe to our newsletter

Don't miss new updates on your email
Scroll to Top