Cyber security firm Kaspersky recently released its predictions for important developments in the financial threat landscape of 2021.
According to the report, 2020 has significantly affected the way cyber criminals operate. These changes will further impact the financial threat landscape in 2021.
As per the report, cyber criminals will continue to target Bitcoin and other cryptocurrencies next year. “Bitcoin theft will become more attractive as many nations plummet into poverty as a result of the pandemic. With economies crashing and local currencies dropping, more people may become involved in cyber crime, leading to more cases,” as per the report.
Extortion, DDoS attacks
The techniques leveraged by cyber criminals for Bitcoin theft and frauds will also become more advanced. Many criminals are likely to use transition currencies for such crimes.
“Other privacy-enhanced currencies such as Monero are likely to be used as a first transition currency, with the funds being later converted to another cryptocurrency, including Bitcoin, to cover criminals’ tracks,” cautions the report.
Extortion practices including ransomware attacks will be more widespread. These practices will also continue as part of Distributed Denial-of-Service (DDoS) attacks.
“Kaspersky researchers anticipate even higher growth in extortion attempts as a means to obtain money. Organisations that may be hurt by the loss of data and exhausting recovery processes are in the crosshairs, with more cyber criminals targeting them with ransomware or DDoS attacks or even both,” it said.
Furthermore, ransomware groups who have managed to gather more funds from various successful attacks in 2020 will start using zero-day exploits to scale up their cyber attacks next year.
Zero-day exploits are vulnerabilities that have not yet been found by developers. Exploits that have not been patched yet will be leveraged by attackers to increase the effectiveness of their attacks, as per the report.
Moving to server side
Another major financial cyber threat MageCarting, also called JS-skimming, will move to server-side attacks. MageCarting is “the method of stealing payment card data from e-commerce platforms, explained Kaspersky.
“Attacks will move to the server side. Evidence shows that from day to day there are fewer threat actors relying on client side attacks that use JavaScript,” it said.
“This year was substantially different from any other year we experienced, and yet, many trends that we anticipated to come to life last year came true regardless of this transformation of how we live.
These include new strategies in financial cyber crime — from reselling bank access to targeting investment applications — and the further development of already existing trends, for instance, even greater expansion of card skimming and ransomware being used to target banks. Forecasting upcoming threats is important, as it enables us to better prepare to defend ourselves against them, and we are confident our forecast will help many cyber security professionals to work on their threat model,” said Dmitry Bestuzhev, a security researcher at Kaspersky.