Cyber security company Kaspersky has released its predictions for the 2020 threat landscape, noting that cyber attacks are going to become more targeted and increasingly sensitive data leaks will proliferate.
The security firm believes that the trend towards more targeted attacks that have been observed for the past few years will continue and attackers will continue to build their banks of information with biometric data from new breaches.
As biometric technology becomes more prevalent in the technology used by individuals and businesses every day, there is an increased likelihood of the data these scanners collect being leaked.
"Not every adversary has a complete profile of potential victims to abuse, which makes the increasing amount of leaked data very valuable," said Kaspersky.
Ransomware attacks on UK businesses soar 195% The most popular ransomware strains targeting UK businesses Hacked for life: Why you should be terrified by biometric technology
The trend towards targeted attacks has been especially evident in ransomware which has strayed away from aimless targeting methods to a more methodical approach.
Targets have shifted to the wealthier organisations that have more to lose and are more likely to provide big payouts for quick release of their sensitive data, an act condemned by the industry but often works.
"Throughout the year, we recorded several cases where attackers used targeted ransomware, and we think that a likely future development will be more aggressive attempts to extort money," said Kaspersky. "A potential twist might be that, instead of making files unrecoverable, threat actors will threaten to publish data that they have stolen from the victim company."
Given the success of ransomware in recent years as a tried and tested business model, it’s unlikely that the rate of attacks will decline. Ransomware has been among the top attack vectors for some time but last year it's targeting of UK businesses soared by 195%.
Aside from ransomware, the security company recognised that the shift from data storage has gradually moved away from PCs and servers and more into mobile devices which is why it expects attacks to focus on these devices more in 2020.
Kaspersky cited the 14 vulnerabilities in Apple’s iOS exposed by Google this year as an example of how the focus is shifting to mobile.
Attackers will always go where the valuable data is and it’s ‘only a matter of time’ before more sophisticate mobile attacks are seen more in the wild.
"There are no good reasons to think this will stop any time soon," said Kaspersky. "However, due to the increased attention given to this subject by the security community, we believe the number of attacks being identified and analyzed in detail will also increase."
Attacks are also expected to proliferate on other non-PC targets such as VPN software, networking hardware and other infrastructure.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
