This year, cyberattacks in the financial industry will increase due to the use of AI and increasing automation, cybersecurity experts say. They predict attacks on direct pay systems and one-day exploits.
In 2024, Kaspersky experts expect an increase in AI-controlled cyberattacks that imitate legitimate communication channels, which could lead to an increase in low-quality cyber campaigns. They also predict that cybercriminals will increasingly use the popularity of direct pay systems for their own purposes. This will lead to more Clipboard malware; Mobile banking Trojans continue to be exploited more frequently.
In addition, Kaspersky experts expect an increase in backdoored packages in open source software. Cybercriminals will exploit vulnerabilities in widely used open source software, which compromises security and can lead to data breaches and financial losses. In addition, Kaspersky experts predict that affiliate groups within the cybercriminal ecosystem will have more flexible structures in the coming year, with members changing frequently or working for several groups at the same time. This adaptability will make it more difficult for law enforcement to track down attackers and their groups and combat cybercrime.
More predictions for the financial industry in 2024
- Fewer zero-day exploits, but more one-day exploits: With few zero-day exploits available, cybercriminals are more likely to switch to the more reliable one-day exploits and thus rely on greater accessibility.
- Incorrectly configured devices and services targeted: According to Kaspersky experts, increasing exploitation of misconfigured devices and services that give cybercriminals unauthorized access for attacks is very likely.
- Global introduction of Automatic Transfer Systems (ATS): The global proliferation of mobile ATSs will spread beyond Brazil's borders, allowing cybercriminals worldwide to exploit these systems for financial gain.
“In the ever-evolving threat landscape, we expect the financial industry to see an increase in threats, increased automation and continued cybercriminal persistence in 2024. Financial institutions and organizations must therefore proactively adapt their cybersecurity strategies and strengthen their defenses to protect assets and sensitive data. The key to success is fostering collaboration between the public and private sectors to jointly address risks,” says Marc Rivero, senior security researcher in Kaspersky’s Global Research and Analysis Team (GReAT).
The financial forecasts are part of the “Kaspersky Vertical Threat Predictions for 2024”, one of the sections of the Kaspersky Security Bulletin (KSB) – an annual series of forecasts and analysis reports on the most important changes in the world of cybersecurity.
To the report on Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/