2019 was the year of social attacks that simultaneously exploited the weaknesses of human psychology, the problem with the ability to replace CIDs (telephone numbers displayed on an incoming call), and the leak of client data from banks. Fraudsters manage to use such schemes using leaks of bank client databases or to buy cheap personal data databases available in the DarkNet.
In this situation, it will be useful to ask yourself, is McAfee any good, to consider if your antivirus software has the identity theft protection option, or where to find the best security solution to protect you from fraudsters. The following information will help you understand why you should ask yourself about all of these here and now.
What Should Be Expected?
Attacks on 5G
Group-IB assumes that the advancement of 5G technologies will aggravate the situation with threats to the telecommunications industry. Architectural features of the 5G will provide more possibilities for new types of attacks on operator networks. At the same time, according to Positive Technologies experts, during the transition, when networks of previous generations will still be used for voice calls and SMS, all the shortcomings of their protection will be relevant for 5G subscribers for a long time.
Deep Fake Development
In the rapid AI development and neural networks enhancement situation, attackers will be able to create a variety of information fakes – deep fake, which can be used both to circumvent biometric identification and to deceive the public and other purposes. A similar forecast is found in almost every report, including Kasperksy, McAfee, and Redware.
Increasing Attacks on Supply Chains
The growth of attacks on supply chains was predicted in 2019, and this forecast does not lose its relevance. Usually, attackers introduce malware into the legitimate code of software developers, which is further distributed to victims.
Increasing Attacks Using Stolen Credentials (Credential Stuffing)
According to Chronicle experts, the numerous data breaches that occurred in 2019 will entail the active use of this data to carry out attacks. With the increase in the amount of data in access, attacks with the substitution of stolen data will become an increasingly viable monetization method for attackers.
Attacks on Devices and Hardware
The cybercriminals shift their focus from personal computers to various IoT devices, network equipment, cameras, drones, etc. According to Avast, cybercriminals will add sophisticated protection to malware intended for such devices, complicating their detection and analysis, similar to how they protect malicious code under Windows. Considering that smart devices’ popularity gains momentum, the surface of IoT attacks will expand.
Increasing Attacks on Clouds
Active cloud migration poses new security risks. Most corporations store their data in cloud services. Trend Micro predicts that they will be the targets of the hackers’ attacks, which they will be able to access through code-embedded attacks – deserialization errors, intersite scripting, and SQL code implementation.
Increasing of Attack Methods Complexity
Experts unequivocally claim that cybercriminals will become smarter and more sophisticated. McAfee talks about the possible transition of attackers to two-stage campaigns using ransomware. Kaspersky predicts that attackers will output data from infected devices using non-standard methods, for example, through signaling data or through Wi-Fi/4G connections.
Attacks on RDP
In 2020, a significant increase in all types of RDP (Remote Desktop Protocol) attacks is expected. Cybercriminals will be able to take advantage of poorly configured servers with RDP or will exploit protocol vulnerabilities, depending on what is more profitable for them, Avast believes.
Attacks on Critical Infrastructure
The experts from Group-ID, Chronicle, and Trend Micro assume that there will be more attacks on critical infrastructure. Industrial espionage, attacks with traditional malware or ransomware, attacks on supply chains – options can be different. Attacks are expected on energy enterprises, industrial systems, life support systems, and state power resources.
Development of Cyber Services for Sale
Cyber service schemes for sale will develop, gain momentum, and take new forms, the experts from Positive Technologies said. For example, a scheme can gain great popularity when some attackers hack into the infrastructure of companies and penetrate the internal network and then sell or lease it to other participants in the shadow market.
The increased volumes of leaked data can lead to a surge in fraudulent schemes, the purpose of which is to steal funds. Most likely, criminals will be interested in vulnerabilities related to the disclosure of information about users, in connection with which news can be expected about leaks of personal and bank card data.