Accelerated digitization increased the attack surface (. / Oskar Burgos / Archive)
With the pandemic and the quarantine, the digitization which empowered many sectors and also cybersecurity challenges grew. Attacks from spoofing, information hijacking via ransomware and other forms of deception marked these months and could be increased next year. Being informed is the first step to take precautions.
Predictions for 2021
Impersonation or phishing
Identity theft, or phishing, is a type of fraud by which a cybercriminal impersonates a company, entity or some other group with the aim of cheat the user so that he offer your access credentials to an email, page or bank accounts.
Phishing is a type of fraud by means of which a cybercriminal tricks the user into offering him his access credentials
“The attacks, especially phishing attacks, will definitely continue to increase. They will be more and more complex. During 2019 approximately USD 600 million in data was lost”Explained Ramón Castillo, Forcepoint engineer, in dialogue with .. And he stressed that the industry most attacked in the region was the financial, with 71% of attacks, among which phishing increased by 600%, only at the beginning of the year.
“The trend of conducting most of our activities online will continue until at least the middle of next year due to issues related to the pandemic, which means fertile land for cybercriminals to continue their fraud, theft and extortion campaigns. Moreover, the attacks with the highest profit potential, those that target companies and public entities, will be more coordinated and, therefore, more damaging.”, He warned Dmitry Bestuzhev, director of the research and analysis team for Latin America at Kaspersky.
Ransomware or data hijacking
Known as ransomware to a type of cybercrime that consists of data hijacking by means of a malicious program that encrypts files, preventing the user from accessing the content.
To restore access to that remaining content kidnapped, encrypted and Inaccessible for the user, the cybercriminal asks the user for the ransom payment in cryptocurrency format.
From Kaspersky they anticipate that there will be more targeted ransomware attacks in Latin America. They explain that, in general, Latin American cybercriminals copy the techniques of their Eastern European counterparts and anticipate that local development of this type of threat may occur with schemes similar to those carried out by nefarious groups such as Egregor, Ragnar Locker, Netwalker, Sodinokibi, and others.
A screenshot of the message that was seen on computers affected by WannaCry, one of the most harmful ransomware in recent times (AP)
From Sophos they anticipate that more sophisticated ransomware families will continue to refine and change their techniques, tactics and procedures (TTP) to become more evasive and nation-state-like sophistication, targeting larger organizations with multi-million dollar ransom demands.
“In 2020, these families include Ryuk and RagnarLocker. At the other end of the spectrum, the lowest level, Sophos anticipates an increase in the number of novice attackers, who will seek simplest ransomware, as Dharma, which allows them to target smaller prey but in large volumes ”, is mentioned in the study released.
In 2020, Sophos reported on Maze, RagnarLocker, Netwalker, REvil and other ransomware families that employ the extortion technique.
Theft of WhatsApp accounts
Nowadays they steal WhatsApp accounts by means of social engineering, that is, deception techniques that aim at the victim offering the access code that you receive by SMS. Cybercriminals then ask for money to give you back access to the service.
From Kaspersky they anticipate that this type of deception will continue in force and that in the near future it will be even more attractive to carry out these scams due to the expansion of WhatsApp Pay.
Disinformation will continue to increase
In 2021, and onward, the disinformation will continue to increase in focus and scope. “While disinformation is a big and growing threat, it is interesting to think what new technology could emerge from experts raising the issue at government levels, or how social media can evolve to meet this urgent challenge”, Highlighted from Forcepoint.
For their part, from Kaspersky they stated that Cybercriminals will use techniques linked to artificial intelligence to orchestrate disinformation campaigns or to spread malicious code. “In 2021 it will be cybercriminals who will begin to see the value of using frameworks and machine learning to make the detection of their malicious campaigns even more complicated, ”the company mentioned in its report.
Malware hidden in legitimate tools to evade cybersecurity services
Sophos believes that cybercriminals will continue to take advantage of the abuse of legitimate tools to hide as they prepare to launch their main attack. By hiding inside a legitimate tool they remain off the radar, but cybersecurity specialists can get ahead of this threat.
“Experts know the subtle anomalies and can detect those traces that criminals often leave, such as using a legitimate tool at the wrong time or place. For trained threat hunters or IT administrators using the detection functions and Endpoint Response (EDR), these signals are valuable signs that can alert security teams to a potential intruder and an ongoing attack, “he explained. Chester Wisniewski, Sophos Principal Research Scientist.
Synthetic identities for financial crimes
According to McKinsey, synthetic identity fraud is the fastest growing type of financial crime in the United States and it is expanding to other geographies. The use of credentials to create a false profile is known as synthetic identity in order to request credits or open illegitimate accounts.
“We see many cases of data theft by employees who believe they will not be discovered and, on the other hand, a large amount of data leaks caused by human error or poor security management ”, they analyzed from Forcepoint.
How to protect yourself
As users it is important be informed to not click sites potentially malicious or pages apocryphal that may lead to theft of data and access credentials.
Second, it is essential to use passwords different for the different accounts. The password managers they are a good tool to do this. In addition, it is important to activate the second authentication factor in all profiles.
It is important to keep operating systems updated because with each update security patches usually arrive that resolve flaws that can be exploited by cybercriminals.
It is also suggested to have security solutions in all the devices that are used. In the case of companies, it is also essential that they have a team specialized in maintaining security and also that they take care of raising awareness and training staff in the safe use of computer equipment and systems.
How can WhatsApp be hacked and what to do to avoid it
Over 100,000 Facebook account credentials were compromised in a global scam