Industry executives and experts share their predictions for 2020. Read them in this 12th annual VMblog.com series exclusive.
By Kaspersky's GReAT
team
Advanced Persistent Threats in 2020 - Abuse of Personal Information and More Sophisticated Attacks Are Coming
In
anticipation of the new year, Kaspersky
researchers have shared their predictions on Advanced Persistent Threats (APTs)
in 2020, pointing out some of the ways the landscape of targeted attacks could
change in the coming months.
The predictions were developed based on changes that the Global Research and
Analysis Team (GReAT) collectively
witnessed over 2019, and are an effort to help the cybersecurity
community prepare for the
challenges that lie ahead in the coming year.
The abuse of personal
information: from deepfakes to DNA leaks
After a number of personal data leaks that happened in
recent years, the number of personal details available made it easier for
attackers to perform targeted attacks, based on victims' leaked info. In 2020,
threat actors will dive deeper, hunting for more sensitive leaks, such as
biometric data.
The researchers pointed out a number of key technologies
which could lure victims of personal data abuse into the attackers' traps.
Among them are video and audio deepfakes that can be
automated and support profiling, as well as the creation of social engineering
and other schemes.
Other targeted threat predictions for 2020 include:
-
False flag attacks reach a whole new
level. These attacks will develop
further, with threat actors seeking not only to avoid attribution but also to
actively lay the blame on someone else. Commodity malware, scripts, publicly
available security tools and administrator software, mixed with a couple of
false flags, where security researchers are hungry for any small clue, might be
enough to divert suspected authorship to someone else.
-
Ransomware shifts toward targeted
threats. Attackers will focus more on
organizations that are likely to make substantial payments in order to recover
their data. A potential twist might be that, instead of making files
unrecoverable, threat actors will threaten to publish data that they have
stolen from the victim company.
-
New banking regulations in EU open new
attack vectors. As banks will be
required to open their infrastructure and data to third parties who wish to
provide services to bank customers, it is likely that attackers will seek to
abuse these new mechanisms with new fraudulent schemes.
-
More infrastructure attacks and
attacks against non-PC targets.
Determined threat actors have, for some time, been extending their toolsets
beyond Windows, and even beyond PC systems. VPNFilter
and Slingshot, for example, targeted networking hardware.
-
Cyberattacks focus on trade routes
between Asia and Europe. New attacks
could hit regions including Turkey, East and South Europe and East Africa.
Possible scenarios include a growth in political espionage as governments seek
to secure their interests at home and abroad. They could extend also to
technological espionage in situations of economic crisis and instability.
-
New interception capabilities and data
exfiltration methods. Use of supply
chains will continue to be one of the most difficult delivery methods to
address. It is likely that attackers will continue to expand this method
through manipulated software containers, for example, and abuse of packages and
libraries.
-
Mobile APTs develop faster. There are no good reasons to think this will stop
any time soon. However, due to the increased attention given to this subject by
the security community, the number of attacks being identified and analyzed in
detail will also increase.
-
Personal information abuse grows,
armed with AI. It is very similar to
some of the techniques used for driving election advertisements through social
media. This technology is already in use and it is just a matter of time before
some attackers take advantage of it.
##
This prediction piece
was a combined effort of Kaspersky's GReAT
team. Established in 2008, Global
Research & Analysis Team (GReAT) operates at the very heart of Kaspersky,
uncovering APTs, cyber-espionage campaigns, major malware, ransomware, and
underground cyber-criminal trends across the world. Today GReAT consists of 40+
experts working globally - in Europe, Russia, Americas, Asia, Middle East.
Talented security professionals provide company leadership in anti-malware
research and innovation, bringing unrivaled expertise, passion and curiosity to
the discovery and analysis of cyberthreats.