Kaspersky publishes its forecasts for financial cybercrime in 2021: cryptocurrencies in their sights, server-side web skimming and increasing blackmail attempts.
The Kaspersky experts present their forecasts on the development of financially motivated cyberattacks in 2021: While many cyber criminals continue to expand their Bitcoin raids, others are likely to make their ransom demands in alternative cryptocurrencies for security reasons and only exchange the sums for Bitcoins later. In addition, blackmail attempts via DDoS attacks and ransomware will continue to increase, with ransomware attackers likely to concentrate more on advanced tactics. They are likely to use the previously extorted money to buy information about vulnerabilities in order to expand their attacks.
Cyber threats: financial attacks
Financial attacks are among the most dangerous cyber threats because they directly target the wallet of victims - be they private individuals, companies or organizations. The changes that 2020 brought with it are also reflected in the actions of cyber criminals. Based on their findings in 2020, the security experts at Kaspersky provide an outlook on the most important developments in the threat landscape in the area of financial malware for the year 2021, so that companies can better prepare for dangers:
- Magecarting or JS skimming, i.e. stealing credit card information on and from e-commerce platforms, will concentrate on the servers. Threat actors use client-side attacks using JavaScript less often. The Kaspersky experts assume that attacks will take place on the servers themselves in the coming year.
- Transitional cryptocurrencies – currency exchange obfuscation: Special technical features to monitor, de-anonymize and confiscate Bitcoin accounts will lead to a change in the methods that many cybercriminals use to demand payment. Other more privacy-friendly currencies such as Monero will likely be used as the first “transition” currency, before later swapping the funds to other cryptocurrencies such as Bitcoin. This is how criminals can cover their tracks.
- More Extortions: Due to its success and extensive coverage this year, threat actors behind targeted ransomware have increased the amounts victims are asked to pay in exchange for not disclosing stolen information. Kaspersky researchers are therefore assuming an increase in such blackmail attempts - both by means of ransomware and DDoS attacks.
- Blackmail gangs rely on zero-day vulnerabilities: Cyber criminals who successfully carried out ransomware attacks in 2020 and collected the corresponding sums of money will want to further increase the effectiveness of their attacks. You should therefore rely on so-called zero-day exploits as well as n-days exploits. While it is costly to buy vulnerability information, cybercriminals will see it as an investment given the ransoms that victims have already paid.
- Theft of Bitcoins: As a result of the pandemic, many nations are likely to become impoverished, economies collapse and currencies lose value. As a consequence, more people will turn to illegal activities and thus also to cybercrime. The Kaspersky experts therefore predict that with the weakening of individual national currencies, Bitcoins will increasingly move into the center of attempts at fraud and theft.
Trends for this year
"This year is very different from any other year we've seen, and yet many of the trends that we predicted for this year last year have actually materialized," said Dmitry Bestuzhev, security researcher at Kaspersky. “This also includes new strategies for financially motivated cybercrime. They range from selling bank credentials to attacking investment applications. In addition, existing trends have been strengthened, such as the further increase in card skimming and attempts to blackmail banks using ransomware. It is important to predict future threats because it is the only way we can be better prepared to combat them. We are confident that our predictions for 2021 will help cybersecurity professionals once again better adapt their threat models.”
More on this on SecureList from Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/