2022 Threat Predictions: Machine “Unlearning”, Undetectable ICS Attacks and More Digital Health Vulnerabilities

Published on 17th January 2022

Every year, Kaspersky experts look back at the biggest security developments over the previous 12-months as part of the Kaspersky Security Bulletin series to help users and businesses usher in a safer new year. Here are the highlights of 2022 predictions for the industrial, healthcare and privacy sectors.

#1 Machine “unlearning” on the rise

Modern machine learning (ML) can memorise massive chunks of information about users’ private behaviour. As governments contemplate new regulations to protect citizens’ privacy, will that extend to the private data being used to train ML models in the first place? If it does, then expect companies and researchers to develop new technologies, such as “machine unlearning”, which would allow them to remove data from already trained algorithms.

Along those same lines, governments and users are calling for more transparency in general when it comes to ML algorithms. Such algorithms are increasingly used for various decisions, from determining whether or not people qualify for a loan to the ads displayed on users’ screens. But this can lead to privacy - and even discrimination - concerns. In the coming year, expect more discussions and regulations surrounding the decisions being made by automated systems.

#2 Attacks against industrial organisations will continue and may become harder to automatically detect and prevent

Expect attacks to continue disrupting the operations to and even harm businesses in the coming year - and in even more devastating ways. Due to preventative protective measures taken by governments and businesses, alike, attackers themselves are forced to invest in the security of their own operations and to mitigate their risks, and they need to adopt more efficient tactics and technologies to react to the security controls and mechanisms recently implemented in industrial organisations.

As such, cybercriminals are now shortening the lifecycle of the malware in use. A particular, malicious sample may be used against a very limited set of targets and only be active for a couple of weeks, while it is at its peak effectiveness and then a new build is released to bypass detection. They are also limiting their use of malicious infrastructures. Research into some recent APT activities showed that some campaigns’ Command and Control servers may only be active for a couple of hours during the relevant phase of the operation. Some attackers even avoid using a malicious infrastructure altogether in the source of the attack. These are a few of the trends that will continue, and most likely, as result, we will be facing cyberattacks of even bigger threat potential and danger.

#3 Digitalisation in the healthcare sector = more data breaches

Last year, Kaspersky researchers predicted that, as the pandemic took hold, the healthcare sector would receive major attention from cybercriminals. This certainly proved true, as criminals sought financial gain from various campaigns themed around the vaccine and ransomware hit hospitals, endangering patients’ lives.

In the year to come, the attack vector for the healthcare sector will only continue to expand, as more patient data moves to the Internet and healthcare providers continue adopting digital treatment services, such as telehealth. 2021 already saw healthcare data breaches increase by one and half times when compared to 2019. Expect attackers to search for vulnerabilities they can exploit in new wearable devices and medical applications being developed or creating fraudulent apps that users may mistakenly download. What’s more, as different countries set different vaccination rules for traveling and visiting restaurants, the market for fraudulent digital vaccination passports and certificates will continue to grow. 

Courtesy: Kaspersky

An advanced Managed Security Service Provider


This article has been read 1,012 times
COMMENTS