Traditionally, at the end of the year, many IS companies take stock and share their views on the future development of digital threats. Here is a compilation of the most likely scenarios for the market.
Encryption attacks will become more aggressive
Ransomware Trojans, which block access to data and demand a payment to attackers to regain access to valuable information, will continue to be the number one threat in IT. Cybercriminals have changed their tactics and now not only block information but also threaten to disclose it if the victim organization refuses to pay a ransom. Such harsh leverage on victims, threatening to have devastating financial and reputational consequences for business, will only exacerbate the already difficult situation with encryption ransomware and provoke a new round of development of this type of malware.
A study conducted by Group-IB also demonstrates the urgency of the problem: overall losses from encryption ransomware in the enterprise environment have recently topped the well-regarded USD 1 billion mark, which is the lower bound for financial losses. According to data provided by Group-IB, the United States was the most popular target of ransomware Trojans in 2020, accounting for about 60 percent of all known attacks:
-
20% of attacks in Europe
-
About 10% were in North and South America
-
Asia accounted for about 7% of cyber attacks
Attacks on remote workers will become widespread
The difficult situation of the coronavirus pandemic has forced companies to move staff to telecommuting en masse. This hasty restructuring of business processes has had a direct impact on remote workplace security and has significantly weakened control over information assets in many organizations. That is why using an antivirus software like PC Matic or similar would be a plus to the workers cybersecurity.
Acronis predicts that in 2021 the number of attacks targeting remote workers will increase as the protection of systems outside the corporate network is easier to crack, allowing attackers to gain access to that organization’s data. According to InfoWatch analysts, this state of affairs is due to the specifics of the remote working format, which gives both cybercriminals and insiders a much greater opportunity to steal information.
Growth of attacks on IoT infrastructure
The Internet of Things continues to attract cybercriminal groups – each year they show more interest in vulnerable devices, be they smart TVs, webcams, routers, sensors, smart home appliances, and other smart home solutions.
Research shows that compromised and infected IoT devices are most often used by attackers to deploy botnets and mount large-scale denial-of-service attacks (. Also, compromised IoT devices are used by cybercriminals as proxy servers for other types of malicious activity.
According to experts, the main problems of IoT devices are easy-to-guess passwords (very often they have factory-preset passwords that are in the public domain) that cannot be changed and outdated device firmware.
Hackers will use artificial intelligence more often
Cybercriminals are always trying to use the latest digital technology to achieve their goals, and Artificial Intelligence (AI) is no exception. AI technology is already being used in cybercriminal environments to create ‘Deep Fakes’ – realistic and convincing fake images, videos, and voice recordings, sent out to deceive and manipulate public opinion, blackmail, and tarnish the image of famous people.
Attackers are also actively using AI systems to increase the effectiveness of the malware, circumvent CAPTCHA protection mechanisms, crack passwords, and analyze large data sets to extract phone and credit card numbers.
Increase in attacks on health facilities
The COVID-19 pandemic has not only turned the world upside down, affecting virtually every aspect of our lives, it has also put healthcare organizations under attack by cybercriminal groups.
The fears of IS professionals are not unfounded and stem from mediocre protection of healthcare IT infrastructure. Research shows that many hospitals have poorly protected Wi-Fi networks, through which cybercriminals can gain access to the organization’s local network infrastructure and computer systems, and most importantly, to medical and diagnostic equipment. Besides, hospitals run thousands of vulnerable medical devices that use an unsecured network connection. Many of them, for example:
-
MRI scanners
-
Cardiology equipment
-
Devices that use radioactive sources
They are full-function computers that often run outdated operating systems and have dozens of unpatched vulnerabilities that may allow remote hacking and full control of the system.
Proliferation of fileless threats
Fileless malware uses built-in operating system tools and processes and does not write malware to disk. As a result, a virus in the user’s device’s RAM is difficult to detect and block.
This is a challenge for IT security services: not only must they be able to prevent malware from entering enterprise systems, but they must also be able to detect and respond to it. Fileless threats are not a new technology – such malware has been around before – but since 2016, attacks using such threats have continued to gain momentum.
5G development could expose operators to cyber attacks
The shift to fifth-generation mobile communications is expected to open up new attack opportunities for attackers and dramatically change the threat landscape for the telecoms industry. The more popular the technology becomes and the more devices are connected to 5G, the more attackers will look for vulnerabilities they can exploit, researchers say.