Machine "unlearning", undetectable ICS attacks and more digital health vulnerabilities: a look into threat predictions for 2022

Every year, Kaspersky experts look back at the biggest security developments over the past 12 months as part of the Kaspersky Security Bulletin series to help users and businesses usher in a safer new year. Here are the highlights of predictions for the industrial, healthcare and privacy sectors.

Machine “unlearning” on the rise

Modern machine learning can memorize massive chunks of information about users’ private behavior. As governments contemplate new regulations to protect citizens’ privacy, will that extend to the private data being used to train ML models in the first place? If it does, then expect companies and researchers to develop new technologies, such as “machine unlearning”, which would allow them to remove data from already trained algorithms.

Along those same lines, governments and users are calling for more transparency in general when it comes to ML algorithms. Such algorithms are increasingly used for various decisions, from determining whether or not people qualify for a loan to the ads displayed on users’ screens. But this can lead to privacy concerns—and even discrimination. In the coming year, expect more discussions and regulations surrounding the decisions being made by automated systems.

Attacks against industrial organizations will continue and may become harder to automatically detect and prevent.

Expect attacks to continue disrupting the operations and making harm to businesses in the coming year—and even in more devastating ways. That’s because, as attackers are forced by the governments’ actions to invest in the security of their own operations and to mitigate their risks, the attack financial targets may arise, and they need to adopt more efficient tactics and technologies to react to the security controls and mechanisms recently implemented in industrial organizations.

As such, cybercriminals are now shortening the lifecycle of the malware in use. A particular malicious sample may be used against a very limited set of targets and only be active for a couple of weeks while it is at its peak effectiveness and then a new build is released to bypass detection. They are also limiting their use of malicious infrastructures. Research into some recent APT activities showed that some campaigns’ Command and Control servers may only be active for a couple of hours during the relevant phase of the operation. Some attackers even avoid using a malicious infrastructure altogether in the source of the attack. These are a few of the trends that will continue, and most likely, as result, we will be facing cyberattacks of even bigger threat potential and danger.

Digitalization in the healthcare sector = more data breaches

Last year, Kaspersky researchers predicted that, as the pandemic took hold, the healthcare sector would receive major attention from cybercriminals. This certainly proved true, as criminals sought to make money profit off the vaccine and ransomware hit hospitals, endangering patients’ lives.

In the year to come, the attack vector for the healthcare sector will only continue to expand, as more patient data moves to the internet and healthcare providers continue adopting digital treatment services, such as telehealth. 2021 already saw healthcare data breaches increase by one and half times when compared to 2019. Expect attackers to search for vulnerabilities they can exploit in new wearable devices and medical applications being developed or creating fraudulent apps that users may mistakenly download. What’s more, as different countries set different vaccination rules for traveling and visiting restaurants, the market for fraudulent digital vaccination passports and certificates will continue to grow.

To learn more about the most important trends in the cybersecurity industry in 2022, check out the Kaspersky Security Bulletin 2021.

In addition, join the Financial Threat Predictions for 2022 webinar to learn more about the financial threat landscape in 2021, which threats to expect in 2022 and businesses can prepare to defend against them. The webinar will take place on November 23rd at 2 PM GMT. Register here for free.

Check out Kaspersky’s new series hacker:HUNTER Behind the Screens. Created by Tomorrow Unlocked, this series explores recent cyber attacks against major businesses and offers solutions for how your organization can stay safe from similar threats.