2022 BrightCloud Threat Report

In 2021, many cybersecurity incidents caused experts to shake their heads and left businesses, law enforcement agents and government officials in a state of constant catch-up.

Attacks on the supply chain? You bet. The takedown and resurrection of the Emotet botnet? Check. Enhancement of malware techniques to reduce the level of detection on devices? Absolutely. Massive infrastructure breaches that wreaked havoc from the United States to Belgium and beyond? They happened too.

Remote and hybrid working arrangements continued to evolve in the past year and will continue to alter how we work and interact with one another. These new realities opened easier and more lucrative avenues for bad actors to exploit. Phishing attacks across email, text and other communications platforms remain a common first step in breaches.

Malicious URLs have spiked. Browser-based cryptojacking may have practically disappeared, but cryptomining malware is becoming more mainstream. Cybercriminals remain hard at work looking for ways to compromise our data and personal information.

Though cybercriminals made headway in their stealth approaches to compromise organizations, cybersecurity analysts and threat researchers continued to pinpoint and prevent the proliferation of risks. An impossible challenge at times, but one that remains essential to address across all industries and sectors.

Individuals and businesses will never be fully immune. Small to medium-sized businesses (SMBs) remain particularly vulnerable to ransomware breaches. Though ransomware payments soared in 2021, countries banded together to thwart the efforts of ransomware gangs like REvil. Top brands like Apple, Microsoft and Google continue to be used as phishing bait to lure unsuspecting users. The manufacturing sector remains a prime target for attackers to focus their efforts.

In this year’s BrightCloud® Threat Report, we delve into the developments affecting businesses large and small and what these changes mean for businesses and individuals. Through our in-depth analysis, we provide insights, trend analyses and predictions for what lies ahead this year.

We hope our report can empower your defense and recovery strategies, and the information it contains helps keep you safe in the year ahead.

David Dufour
Vice President of Engineering & Cybersecurity