TREND MICRO SECURITY PREDICTIONS FOR 2022
2021 marked a turning point for organizations big and small, as the ongoing lockdown drove many to
expedite their digital transformations and embrace hybrid work models. Now, well over a year into
the Covid-19 pandemic, these companies must prepare to shift gears once again as the world finds
its footing in yet another new normal — one that prioritizes the hybrid work model and is, hopefully,
at the tail end of the global health crisis.
1
Malicious actors are poised to move in on the opportunities arising from a business landscape
still in flux. New pain points are bound to arise as the push for digital transformations continues to
redefine organizations’ attack surfaces. However, companies will be prepared to curb these threats
by hardening their defenses with a multitude of tools and best practices.
Coming into 2022, emerging threats will continue to test the resilience of supply chains around the
world. The fourfold extortion model that has been gaining popularity among malicious actors will
spell operational disruptions with far-reaching impact not only on the victims themselves but on
their customers and partners as well.
Cloud adopters will need to shore up their defenses on multiple fronts, especially if they are to
weather attacks from actors intent on both using tried-and-true methodologies and innovating
by following new technology trends. The introduction of new cryptocurrencies in 2022 will require
security teams to stay on top of any cybercriminals attempting to infiltrate and abuse corporate
resources for their cloud-computing capabilities. We also expect malicious actors to increasingly
target build systems and developer credentials as points of entry to cloud services and applications.
Consequently, developers will have to ensure that their credentials stay out of reach of attackers
looking to compromise their systems.
We expect an unprecedented number of vulnerabilities to be unearthed in the year ahead as a result
of more vulnerability hunters looking to collect big bug bounties and of increased media attention
on vulnerabilities. We foresee this leading to a surge in zero-day exploits that will beat 2021’s record-
setting number of zero-day exploits in active use.
2
The patch gap will leave unprotected enterprises
at the mercy of malicious actors eager to home in on any weak spots in IT infrastructures by stacking
multiple vulnerabilities to create new, multiplatform threats.
