Iran will use its cyber tools much more aggressively to promote regional interests and will continue to target Israel and others in the Middle East, a recent report warned.
The report by Mandiant Research Company, entitled "14 Cyber Security Predictions for 2022 and Beyond," said that the Iranian-backed parties have shown their capability and willingness to use destructive malware, so "we expect them to take advantage of any opportunities that are presented."
"Ultimately, we'll see Iran trying to create more of a power balance shifted to its own interests. We have seen them targeting abroad, but their targeting will most likely be regional throughout 2022."
The annual report pointed out that with the assertion of Taliban control and departure of US forces from Afghanistan, "we can expect further cyber espionage and information operations."
"We will start to see the usual information operations actors—Iran, China, Russia—push narratives to support their interests through the end of 2021 and into 2022."
The report warned that they would also play up negative perceptions around the events, notably the perception that failed to live up to commitments to organizations and countries.
It indicated that the ransomware threat had grown significantly throughout the past decade, and it will continue its upward trend.
The ransomware business is simply "too lucrative" unless international governments and technology innovations can fundamentally alter the attacker's cost-benefit calculation.
VP MEA at Mandiant Gordon Love said that the only constant is the uncertainty in the cyber realm.
"Attackers keep evolving – getting more sophisticated and changing their tactics, techniques, and procedures to try to get one up on the defenders," said Love.
"Organizations have a lot to keep in mind for next year, but remaining vigilant will enable them to defend against upcoming threats—and respond to those that inevitably get through."
Mandiant noted that throughout 2021 low sophistication threat actors learned that they could create significant impacts in the operational technology space, perhaps even more extensive than they intended.
"Actors will continue to explore the operational technology space in 2022 and increasingly use ransomware in their attacks."
The report suspects that organizations using cloud and cloud-hosted providers may become more vulnerable to compromises, as well as errors, vulnerabilities, mis-configurations, or outages affecting cloud resources.
"In the coming years, we expect to see a continued growth of the Internet of Things (IoT) devices, many of which will be inexpensive and created without real consideration given to security."