The ten biggest threats to your Windows PC in 2022
From malware to a man with a screwdriver called Steve, we round up the biggest dangers to your machine this year
The PC has been under attack – both literally and metaphorically – for years. Malware threats, environmental threats, and even the threat of obsolescence have all been quietly dealt with over the decades.
Still, forewarned is forearmed, as the old saying goes, and there’s no shortage of dangers lurking in the shadows for the PC in 2022.
We’ve canvassed the opinions of security experts and the PC Pro team to highlight ten dangers to your PC in the year ahead. Some are a little tongue-in-cheek, but all are things that you need to be wary of as we tick on as 2022 takes shape.
The market for ransomware has grown so large that security firm Sophos warns it’s even being outsourced. “One group builds the ransomware and then leases the use of that ransomware out to specialists in the kind of virtual breaking-and-entering that requires a distinct skillset from that of ransomware creators,” the company writes in its 2022 Threat Report. “This ransomware as a service (RaaS) model has changed the landscape in ways we couldn’t predict.”
Other experts agree the threat isn’t going away. “We’ve heard it time and time again but ransomware is out of control and showing no sign of slowing down,” says ESET UK cyber security expert, Jake Moore. “In a very difficult predicament, organisations are far too frequently having to make tough decisions on whether or not to pay ransoms which should never even crop up in the first place.”
The fact many victims do pay the ransom is, of course, what fuels the growth of this pernicious market. “I think that the reason [ransomware] is proliferating – we’ve seen twice as many attacks this year as last year in the UK – is because it works,” the head of GCHQ, Jeremy Fleming, told the Cipher Brief conference in October. “It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested.”
The best mitigation is up-to-date security software and regular backups, but, as we know, many individuals and businesses still take too many liberties with their data. “We have seen companies like Fujifilm refuse to pay ransoms and restoring from backups but unfortunately many companies against the clock are siding with the paying alternative in order to get back to business quicker,” he added. “That’s not a decision to be taken lightly but it must be noted that more is still required in the shape of proactive protection to thwart these increasing attacks. Until then, 2022 looks set for another ransomware bumper year.”
You and your family
One of the biggest threats to your PC is the massive bag of atoms in front of it. We’d hope most users are savvy enough not to click on random PDFs attached to emails, not to fiddle with the Registry without taking a proper backup, not to plug in that USB stick that you found in Tesco’s car park. Even if you wouldn’t dream of doing any of those things, however, there’s a decent chance you’ve got kids or grandkids who might.
The mitigations here are familiar. As well as up-to-date security software and proper backups, making sure the more carefree members of the household are not running on administrator accounts in Windows are all ways of lowering the risk profile. This is especially true if you’re working from home and using a personal machine for work purposes, or vice versa, which others may have access to.
A fully updated PC is generally much safer than one with six months of updates waiting to be installed. That said, you might want to give it a few days before you hit that Update button, if recent history is anything to go by.
For instance, in February, Microsoft had to patch its own patch, after a faulty Windows 10 update halted the installation at 24%, which is 76% less than ideal.
The same happened again in March. An update resulted in many Windows 10 users seeing an APC_INDEX_MISMATCH error every time they tried to print a document, while others saw the Blue Screen of Death (BSOD) or bits missing from their printouts. A further patch seemed to make things worse, and Microsoft eventually pulled the update altogether, before finally getting it right with a third emergency patch.
In Microsoft’s defence, the near-infinite number of hardware and software configs out there makes it impossible to ensure every patch is going to work flawlessly for every customer. If we were to guess why you’d be screaming at your PC in the coming year, though, Windows Update would definitely be up there.
Getting worked up about spammers doesn’t only raise your blood pressure, it could actually make you a prime target for their attacks.
Sophos’s 2022 Threat Report highlights a hybrid attack, where spammers use a ‘shotgun’ attack aimed at absolutely everyone, but then use ‘pinpoint targeting’ to narrow down the juiciest targets. Amongst those most likely to interest the spammers are those with short tempers.
Deploying flexible data protection to support cloud workload placement
Why data availability and cyber recovery are foundational to successful digital transformationFree Download
Sophos gives the example of an attack perpetrated with the BazarLoader malware family. The attack is based on massive volumes of untargeted spam, although the email itself doesn’t contain anything malicious – no iffy attachments or links to click. Instead, the attack masquerades as an invoice with a number to call if there’s a problem.
Once the recipient calls the number, “they end up speaking with someone who will perform a kind of psychological profiling on the caller, to determine whether they’re likely to be a real victim, or if they’re a security researcher or otherwise incredulous person,” Sophos reports.
If the caller ticks the boxes, which seems to be combination of moderate anger and demonstrating limited computer knowledge, the operators walk their victims into a trap, guiding them to visit sites that deliver a malicious infections file to open and run. Sophos says it expects such techniques to become more commonplace in 2022, so watch out for unexpected invoices and the like.
Your mate, Steve
Sorry to the Steves of this world. We know you’re only trying to help, but PC Pro’s professional PC fixer, Lee Grant, receives a healthy flow of business from people who let “my mate Steve” perform a DIY upgrade on their machine, which left them with a deadish lump of plastic and metal instead.
‘Steve’ is the “enthusiastic DIY fixer armed with a £10 power supply unit (PSU), good intentions and no insurance. He weighs in with his screwdriver, takes apart your PC while you fix him a cup of tea. The next thing you know, you’re opening windows to clear that funny burning smell emanating from what used to be your PC.
Replacing components isn’t always a doddle. Making sure you’ve got the right power supply wattage, the correct cooling, a compatible CPU socket, or the right type of memory often requires a pair of professional guiding hands.
It’s hard to work out what’s going to be the bigger threat to your computing in 2022: a lack of electricity or too much of it.
The energy crisis is certainly raising the prospect of a problem we haven’t seen in the UK since the 1970s: blackouts. The National Grid warns the risk of power cuts has increased, with reserves dipping as low as 4.2% of demand (it should have been 6.6%). Routine shutdowns at gas plants and the retirement of two nuclear reactors, too, are adding further pressure.
If the power supply does wobble, it’d be a great time to be using a laptop as your primary work machine, not least because of its fitted battery, which means you won’t lose your work in a power cut. Keep your phone well topped up too, because if the power dips you might need to rely on tethering mobile broadband instead of your home router.
At the other end of the scale is the risk of power surges, perhaps caused by increasingly common lightning storms or even solar flares.
“Surges still happen, but we see fewer problems caused by them,” says Lee Grant. “The improvement of anti-surge technology within components - particularly PSUs - has resulted in fewer charred machines arriving on our workbenches. However, a power surge doesn't always originate from the wall socket; if the PSU develops a fault, an internal surge occurs, and the results can be just as expensive.
“A decent PSU can detect and prevent a surge from coursing down the power lines and wiping out all your components,” he adds. “The technology inside cheaper PSUs may not be as robust and may struggle to prevent an unexpected 240v destroying a component expecting 5v. This is also true of bargain-basement laptop chargers, so think hard before buying a £6 after-market charger for your £1,500 dream machine.”
With laptops increasingly going fanless, common or garden dust might be less of a concern these days for portable owners. For desktop owners, however, dust getting into vents, components and cooling equipment remains a mundane danger.
If you’re going to give your desktop a good dusting, make sure you’re using the right equipment or you could do more harm than good. An anti-static band is a sensible precaution whenever you open a PC case. At the very least, make sure you discharge any static electricity by touching the outside of the case and wearing rubber-soled shoes while you’re fiddling around.
Otherwise, arm yourself with a can of compressed air, a clean cloth and some cotton buds. Use the compressed air to blow dust our vents and vans, but don’t blast components from point blank range. The cotton buds are handy for wiping off any dust that continues to cling to tricky areas such as fan blades.
The cloth should be placed in the bottom of the PC case, ready to collect any dust that drops down. You can use a slightly damp cloth to help collect the dust, but don’t make it soaking wet. The last thing you want to leave behind is any moisture. Most definitely don’t wipe components with a damp cloth.
If you’ve not already taken the Windows 11 plunge, there’s a good chance you’ll be offered imminently, which brings us to one of the lesser considered threats to your PC – outdated drivers.
Peripheral and component manufacturers are, frankly, scattergun when it comes to driver support. We’ve repeatedly called for “sell-by dates” for hardware – printed on the box – which states when manufacturers will continue to support hardware with new drivers and security updates.
Alas, we continue with this nagging uncertainty. Of course, when peripherals and components stop working as they should, many people will decide it’s the PC – often a perfectly serviceable PC – that should be replaced instead. The rollout of a major new operating system only hastens that cycle.
For as long as cryptocurrency remains the criminals’ lucre of choice, cryptojacking will remain a problem.
Sophos’s report states ransomware and cryptojacking will remain “the two most prominent ways that criminals can directly receive cryptocurrency payments from their victims”, so you need to be on the lookout for strange apps chewing through your processor cycles.
Even if the threat is age old, as with ransomware, the tactics are changing. Check Point warns of cryptojacking being triggered by the promise of free AirDropped NFTs, which is yet another reason to give NFTs a wide berth in 2022, as well as a prompt for the Mac owners to drop the smug face. Linux users can stop grinning too – Bitdefender researchers discovered the Monero mining malware was targeting Linux machines with weak SSH credentials earlier this year. Seriously, nobody is safe.
Yes, OK, we saved the tongue-in-cheek one for last, but there’s no denying Apple is knocking performance out of the park with its M1, M1 Pro and M1 Max processors. If you’re thinking about upgrading your computer in 2022, you’d have to be a tattoo-bearing Windows diehard to not even consider a Mac at this point.
At least there are signs of an Intel fightback brewing in 2022, with its Intel Alder Lake processors putting up a fight. That said, we’ve yet to see what AMD will counter-punch with when it launches its 3D V-Cache processors in early 2022. At this point, however, it’s hard to ignore Apple if you’re looking for outright performance, especially in the laptop form factor.
Four strategies for building a hybrid workplace that works
All indications are that the future of work is hybrid, if it's not here alreadyFree webinar
The digital marketer’s guide to contextual insights and trends
How to use contextual intelligence to uncover new insights and inform strategiesFree Download
Ransomware and Microsoft 365 for business
What you need to know about reducing ransomware riskFree Download
Building a modern strategy for analytics and machine learning success
Turning into business valueFree Download