Tag Archives: Cyber Security Threats

Cyber security threat predictions in 2022

Despite the latest security software, firewalls, and end-to-end encryption processes, cyber criminals find new ways to incorporate security systems with tiny loopholes daily. In 2021, we went through some of the most vulnerable hacks around the world. In order to combat such attacks every individual tech savvy should follow security measures to safeguard their personal computers or work place computers. So for companies and individuals opting a better cyber security system is the only solution.

In the future, a cyber-cold war that resembles a real war will become more real as cybercriminals use sophisticated tools and ransomware attacks to demand more money from companies and governments.

cyber security threat predictions in 2022

False news

Through social media and other media, misinformation about the coronavirus pandemic and the efficacy of vaccines is spreading like wildfire in 2021.

Because of this, illegal businesses have proliferated on the dark web and on few famous social media platforms, selling fake vaccination certificates or COVID certificates containing malware.

This type of misinformation will, of course, continue to play an active role in phishing attacks in 2022. This is not to mention the role they will play in future elections, such as the midterm that will be held in the United States.

Fraudulent deepfakes

The distinction between a deep fake and a real image was not difficult until recently. It is now more difficult. There has been an increase in both audio and video tools over the past few years.

In 2021, cybercriminals proved that they could manipulate the stock price of a company and influence opinion on social media using this technology.

For example, In Hong Kong, hackers posed as the branch director of a bank and cajoled him to send them 35 million dollars by using this type of technology As told by CheckPoint a cyber security solutions company.

The world of cryptocurrencies is being attacked more often

Cybercriminals are going to try to get their hands on cryptocurrencies as soon as they become popular not longer only for early adopters.

The number of attacks on different exchanges is expected to increase by 2022, as well as the popularity of inventive methods of stealing online money wallets. Numerous cyber security firms warning alleged free NFTs that can be used to attack wallets containing certain security flaws.

Hybrid enterprise and mobility

Cybercriminals’ pressure on teleworkers has increased as companies have made remote working easier, especially with mobile attacks.

A malicious mobile app was downloaded by at least one employee of nearly half of the companies reviewed by Check Point in 2021. In an age when mobile wallets and mobile payment services are becoming more and more popular, attackers will continue to take advantage of our dependence on these terminals.

Tools for defending against attacks

Cybercriminals have leveraged penetration tools, which were created to test security defenses, to launch highly effective attacks, allowing them to increase their own efficiency.

In order to target their victims with ransomware, hackers have customized these tools. The use of this tactic to carry out extortion and data exfiltration attacks in 2022 is likely to increase as this tactic continues to catch on.

The cyber attacks cost victims the most money : Be careful

There are so many cyber attacks which in one way or another can compromise our personal computer systems. Some are intended to steal passwords, data, infect your computer and make it malfunction. many varieties that hackers use to achieve their targets. But not all provide the same value.

In this guide, we are going to talk about that which safety attacks may make users shed the most cash .

Which cyber attacks price victims the most money

Despite of so many tips from numerous cyber security experts victims increasing day by day , Specially with Covid19 pandemic and work from home scenario.

The first thing we must indicate is that the victims can be both domestic users and additionally organizations and massive companies. Cyber criminals can use a wide selection of methods to assault multiple sectors for gain. However, naturally, not all strikes are the same. Hackers will have a target, primarily a financial advantage.

Which cyber attacks cost victims the huge money

However you will find security problems that could simply be the gateway to a network, while others may bring a direct financial benefit.

Ransomware attacks : Certainly, among the cyberattacks that produce the most money to hackers is ransomware. The attacker infects a method with the aim of encrypting all the content.

The sufferer won’t be able to get into the files or perhaps could not start the operating system. So that everything returns to normal, so the consumer can re-enter their files as before, can have control of the equipment, they will have to pay an financial volume. This is type of hijacking of your device is ransomware attack .It is thus a very direct type of attack.

DDoS attacks : The DDoS attacks are especially designed to paralyze a company, website or some other stage. It involves sending a number of requests so that a server can’t handle such a high need. Let us say it is a web site which sells products. If this site is down for an whole day, clients couldn’t enter to buy.

It would be a very significant economic loss. Malware to steal credentials. Obviously they can also use different types of malware to steal accounts for example as social networks, email, platforms to view streaming videos. All this has a value online. They can sell our qualifications to get social networks on the Dark Web. They could also do the same with Netflix accounts, for instance. The victim could have paid for a subscription and noticed their accounts stolen.

Fraud in online payments : Another issue to be aware of that hackers can use is theft through online payments. It might happen that we’re making a purchase through an unencrypted page and from a public Wi-Fi network.
A cybercriminal could benefit from the situation to divert the payment and then steal the cash. You are able to observe some methods to detect risks when buying online.

Data theft : Our private data has good value online. Especially if it’s a company, you may assume that significant data can get to the competition. Ultimately, these cases that we have mentioned can negatively affect the economy of users. They’re attacks that want to steal data, infect computers and, in the long run, profit. We must always maintain security and avoid problems.

Cyber Security Threats 2020

Cyber Security Threats

Although making predictions about the state of cyber security is fun, it may not be much fun for security experts to decide which threats to prepare for most. So much so that an engineer from the Akamai Security Intelligence Response Team said this; he explains that a really good prediction cannot be made about what the future will be because what comes out of the places you do not guess can become a problem.

So if the biggest Cyber Security Threats are something new and unpredictable, how should the security experts best focus on their next year’s efforts? Looking at how to change the biggest threats of 2019 in terms of scale and tactics in 2020 to make the right planning will be an appropriate start for the first step.

In this context, we reviewed the pioneering research on the most common and important threats of 2019 and compiled the researchers’ recommendations on where these threats will be addressed in 2020 and how organizations will defend themselves against them.

Malware infection on devices

Protection of endpoints remains a battleground for organizations. Kaspersky’s IT Security Economy report in 2019 reported that in 2019, devices in about half of organizations were infected with malware.

According to the Kaspersky report, malware infection was the most costly incident for companies, with an average cost of $ 2.73 million per event. This figure was slightly less than $ 117 thousand in SMEs.

Expected in 2020:

A security researcher from Kaspersky highlights the risk from employees’ devices for 2020. The researcher introduces solutions such as enabling remote work and allowing employees to use their own devices to reduce employee costs and increase employee satisfaction. So much so that users tend to protect their personal devices less than corporate devices, because average users rarely take additional measures to protect their phones and computers from potential threats. As long as this trend continues, malware will continue to appear on devices owned by the company and its employees. Even if the attacker no longer needs to target company accounts (for example, with phishing emails sent to company mail), this attack vector continues to be attractive.

The best recommendations combat Cyber Security Threats 2020

Companies should review their policies on personal devices and update their devices. A number of recommendations for 2020 also include strict corporate policies on security, proper rights management and providing users with security solutions, ownership to protect the company and its data. In addition to managing technical problems, safety awareness training is also very important because only in this way can cyber hygiene standards be developed among employees.

Phishing

According to the Verizon 2019 Data Breach Investigation report, about a third of last year’s cyber attacks included phishing. This number was 78 percent for cyber espionage attacks. The worst phishing attacks in 2019; it was due to the fact that the perpetrators were in a much stronger position thanks to well-produced ready-made tools and templates.

Akamai’s SOTI report, Baiting the Hook, revealed the size of the service offered by a fishing tackle developer. In this service, the developer has a store and the developer advertises on social media. Ads starting at $ 99 increase depending on the postal services selected. The report’s authors say that the low prices and high-level brand targets about the related attacks have created a line for entry into the phishing market, which is very attractive for criminals who want to set up stores. Top-level brands targeted in this type of attack include globally active brands such as Target, Google, Microsoft, Apple, Lyft and Walmart.

Expected in 2020:

Fishing line attackers will offer more sensitive products in 2020 and will make less effort to launch a fishing line campaign. According to the IDG Security Priorities Survey, 44 percent of companies say increasing security awareness and staff training is the top priority for 2020. Attackers will respond to these measures by improving the quality of their attacks by minimizing or hiding the common signs of phishing. It is a good option for companies to expect business email security (BEC) to be used if attackers attempt legitimate phishing attacks through fraudulent or compromised internal or third-party accounts.

The best recommendations for 2020:

It is necessary to keep up-to-date and continue training on protection from phishing attack. Having policies that require any employee to receive a request for money or payment orders via phone calls is also among the factors that increase protection.

Ransomware attacks

Ransomware attacks are not the most common cyber security incident, but are among the most costly attacks. According to Kaspersky’s IT Security Economy report in 2019, about 40 percent of SMEs and businesses experienced a ransomware incident in 2019. At the enterprise level, the average cost per event was $ 1.46 million.

According to the Sophos Labs 2020 Threat report, endpoint protection tools are getting better at detecting ransomware, but ransomware developers use techniques that are better than those tools. According to the researchers, it’s easy to change the look, purpose, or behavior of a malware. That’s why modern ransomware relies on uncertainty to succeed. Researchers underline that in 2020, by changing the features of ransomware or adding new ones to its features, it will be more risky.

Sophos reports give a few examples of how ransomware can come from a reliable source:

Prepare a script listing the targeted machines, add them together with Microsoft Sysinternals, a privileged domain account and the PsExec utility from ransomware.
Using the login / logout script through the Windows Group Policy Object
Abuse Windows Management Interface for mass deployment within the network

Expected in 2020:

According to research, ransomware attackers continue to change their methods to gain advantage. Among the most striking developments is ransomware attackers performing automated, active attacks that blend human creativity with automation tools to create maximum impact. In addition, attackers continue to escape the defense by encrypting only a relatively small portion of each file, or by installing the operating system in a diagnostic mode, where ransomware protection is often unavailable.

A security researcher from Kaspersky stresses that there is no reason for ransomware attacks to decrease next year, that ransomware is increasingly targeting infrastructure, organizations, and even smart cities. According to the researcher, ransomware developers will make their code more prominent. Thus, they can form a basis in the system, encrypt more data without being noticed, and scale transactions with other networks. The security researcher adds that internally this year, even in Network Attached Storage (NAS), which is considered to be largely secure against such threats, they have observed that attacks have occurred.

The best recommendations for 2020:

As always, the best defense against ransomware is to have updated, tested backups of all critical data. It is necessary to keep these backups from the network so that they are not encrypted by ransomware. At this point, employee training is also very important.

Kaspersky security researcher advises companies for 2020; shares that companies should implement strict security policies to protect themselves from ransomware and provide employees with cyber security training. He also states that additional protective measures may be required, such as securing access to data, ensuring safe backups, and applying application whitelisting techniques to servers.

It is also vital for companies to have strong security controls, monitoring and responses covering all endpoints, networks and systems, and to install software updates as they are released.

Third party supplier risk

According to Kaspersky’s IT Security Economy report in 2019, both businesses and SMEs applied to third-party suppliers (both in terms of services and products) at a rate of 43 percent and 38 percent, respectively. According to a survey by One Identity, most organizations (94 percent) allow third parties to access their networks, while 72 percent allow privileged access. While 22 percent of organizations are sure that third parties do not have access to unauthorized information, 18 percent report a violation from third parties’ access.

Kaspersky study shows that both SMEs (75 percent) and businesses (79 percent) force third-party suppliers to sign security policy agreements. This makes a huge difference in getting compensation for violations from third parties. While 71 percent of businesses with policies in this direction state that they receive compensation from third party suppliers in cases of violation, only 22 percent of companies that do not have this policy state that they receive compensation.

Expected in 2020:

Businesses will become more digitally connected with their suppliers and partners. This will increase both the risk and awareness of this risk. But the attackers are becoming increasingly sophisticated.

Researchers have recently observed that some new groups such as BARIUM or APT41 have carried out advanced supply chain attacks against software and hardware manufacturers to penetrate secure infrastructures around the world. These include two complex supply chain attacks uncovered in 2017 and 2019: CCleaner attack, ShadowPad and other attacks on game companies. Making concessions from one of these threat actors brings about a complicated process, because attackers often come from the back rooms, which later cause them to return and cause more damage.

The best recommendations for 2020:

To avoid third-party supplier risk, you should learn who can access your networks and make sure they only have the privileges they need. Having policies to communicate and enforce third-party access rules is one of the other factors that increase protection. Organizations should establish a security policy that explains responsibilities, security expectations and what happens when an event occurs for all third party suppliers.

Researchers’ recommendations for next year; it qualifies as the best organization companies can do to protect themselves from such attacks, ensuring that not only them but also their partners adhere to high cyber security standards. If third-party suppliers get any access to internal infrastructure or data, cyber security policies should be established before the integration process.

DDoS attacks

Kaspersky’s IT Security Economy report in 2019 reports that 42 percent of businesses and 38 percent of SMEs experienced a denied denial of service (DDoS) attack in 2019. This is at the same level as the ransomware events that have received much more attention in the media. Financially, DDoS attacks cost SMEs an average of 138,000 dollars.

Attackers continue to innovate to increase the effectiveness of DDoS attacks. For example, in September, Akamai reported a new DDoS vector, “Web Services Dynamic Discovery (WSD), a multicast discovery protocol to find services on a local network.” Attackers can scale and endanger misconfigured, internet-connected devices to extend the scope of DDoS attacks using WSD.

Expected in 2020:

Researchers underline that DDoS attacks were “quite prominent” in 2020 due to the increasing number of 5G and IoT devices. According to researchers, the traditional boundaries of critical infrastructures such as water supply, power grid, military facilities, and financial institutions will expand much further to unprecedented areas in a 5G-connected world. All this will require new security standards and increased connection speed will create new challenges to stop DDoS attacks from happening.

The best recommendations for 2020:

The move to be applied in the first stage; checking the internet connected devices for incorrect configurations and mismatched vulnerabilities. For example, not knowing the security status of webcams used for security will cause bigger problems at these points. An engineer from Akamai states in his predictions for 2020 that checking internet-connected devices for improper configurations and mismatched vulnerabilities is the primary security measure.

Attack vulnerabilities of applications

Veracode’s Software Security Vol. In 10 reports, at least one security error was seen in 83 percent of the 85,000 applications tested. The research found a total of approximately 10 million security errors, and 20 percent of all applications included at least one high-density security error. This situation gives attackers a lot of opportunities.

Report authors have an optimistic attitude in some data. Researchers note that they have seen improvements in rates of particularly high-density defects. The overall correction rate has increased from 52 percent to 56 percent in 2018, and the highest severe defects are at 75.7 percent. However, the biggest positive aspect in the report predicts that the DevSecOps approach, with frequent scanning and testing of software, will reduce time to correct flaws. As a matter of fact, for applications scanned 12 times or less per year, the average repair time is 68 days; this rate fell to 19 days.

Expected in 2020:

Despite the efforts of security and development teams, vulnerabilities will continue to exist in software. Veracode CTO states that most software is very insecure today. According to CTO, this will continue in 2020, especially in 90 percent of applications that use code from open source libraries. Stating that they saw some positive AppSec marks in 2019, Veracode CTO adds that organizations are increasingly focusing on fixing them and prioritizing the flaws that put them at the most risk.

The best recommendations for 2020:

As the Veracode research shows, it is an effective defense method to scan and test applications more frequently against vulnerabilities in taking precautions against the most serious vulnerabilities. Veracode researchers also urge companies to pay attention to the “security debt”. One of the increasing threats in application security is whether the applications accumulate defects over time or the ‘security debt’ concept regarding the elimination situation. An increasing security debt paves the way for organizations to be exposed to attacks.

Cloud services / infrastructure events

According to Kaspersky’s IT Security Economy report in 2019, 43 percent of corporate businesses had security incidents affecting third-party cloud services in 2019. While cloud-related events aren’t the most common in SMEs, they often draw a rather costly picture for small companies that are more dependent on services. Infrastructure incidents cost SMEs 162 thousand dollars.

Another area that saw an increase in activity in 2019 was online payment fraud. Especially the Magecart attack group showed an active profile last year. The group uses code that makes use of the wrong configurations in the cloud to replace the shopping cart code. Businesses using online e-commerce services are not aware of this change until customers complain about fraudulent fees.

Organizations need to be concerned about misconfigurations that their cloud services will leave their data open on the Internet. Attackers regularly browse the internet to obtain this data from companies. Cloud platform vendors like Amazon and Google introduced new tools and services in 2019 to help organizations properly configure their cloud systems and find bugs that leave data unprotected.

Expected in 2020:

The power of malicious code and financial reward (Magecart’s traction was millions of dollars only) means that online payment fraud will increase in 2020. Magecart’s success inspires imitators. Organizations can counteract this and other cloud threats by spending more on cloud security. According to the IDG Security Priorities Survey, only 27 percent of organizations have cloud data protection technology in production, and 49 percent are researching or trying it.

The best recommendations for 2020:

It is beneficial to conduct e-commerce files’ source code reviews and to implement sub-resource integrity in order to prevent the changed scripts from loading without your permission. Researchers recommend making sure that your cloud providers are evaluating their own code to prevent fraud and regular scans of configuration errors on the internet that expose your data.

IoT vulnerabilities

According to the Security Industry Association (SIA) 2019 Security Megatrends report, the Internet of Things (IoT) and the data it produced became the second most influential trend on security practitioners in 2019. While the growth of IoT is not difficult to predict, research company Statista predicts that by 2020 there will be between 6.6 billion and 30 billion internet-connected devices.

The threat posed by IoT was for most organizations in 2019. Marsh Microsoft 2019 Global Risk Perception Survey, 66 percent of respondents viewed IoT as a cyber risk, while 23 percent rated it as “extremely high.” According to the CyberX cyber security chief, IoT devices are soft targets for competitors because they are often bulk and misconfigured. They are also ‘not managed’ because they do not support endpoint security agents. As a result, competitors can easily compromise computing resources for gaining a place in corporate networks, performing devastating ransomware attacks, stealing sensitive intellectual property, DDoS campaigns and crypto money packaging.

CyberX’s 2020 Global IoT / ICS Risk Report revealed the most common vulnerabilities that have made IoT devices vulnerable in the past 12 months. Devices that can be accessed remotely fell 30 percent in the vulnerability in 54 percent of surveyed sites. Direct internet connections have fallen from 40 percent to 27 percent.

The previous year’s rate of 53 percent of sites with disadvantaged operating systems rose to 71 percent this year, and 66 percent of their sites were unable to perform automatic antivirus updates compared to the previous year (43 percent).

Expected in 2020:

Researchers predict that the number of connected devices will increase the risk of IoT devices in 2020 as the motivation of nation-state opponents and cybercriminals increases. Industrial environments such as energy services, production, chemicals, pharmaceuticals, oil and gas will be particularly at risk. Risks, according to researchers; costly plant outages can lead to more serious consequences such as threats to human security and environmental incidents.

CyberX cyber security chief defines building management systems (BMS) as the primary target for attackers. According to the security chief, viruses are often placed by facility management teams with minimal expertise in security, not monitored by corporate security operations centers (SOC).

The best goals for 2020 are:

Security experts recommend companies to implement a multi-layered and comprehensive defense strategy.

Stronger network segmentation

Restricted remote access to industrial control networks by third-party contractors with strong access controls such as 2FA and password vault.

Agentless network security monitoring to quickly detect and mitigate IoT attacks before attackers.
As a result, the best defense is through more focus on organizational focus rather than technical approaches. For example, one of the major shortcomings in the TRITON attack on the security systems of a petrochemical plant in Saudi Arabia was that no one ultimately saw themselves responsible for the security of the industrial control network. There have been serious declines in security monitoring and no one has checked that the firewalls at DMZ are properly configured by outsourcing companies that install them. The recommendations for CISOs are that IT security integrated into the SOC workflows and security stack, as well as stepping into the plate and taking ownership of IoT, OT security, should not be forgotten as a holistic approach to IoT and OT security.

Cryptojacking

To end the list with positive news, encryption attacks are expected to decrease in 2020. Although encryption attacks are not one of the most common threats for companies or SMEs in Kaspersky’s IT Security Economy report in 2019, these attacks were very costly for businesses in 2019. The average financial impact of the attacks on companies was $ 1.62 million.

Expected in 2020:

Encryption attacks are rising or falling in parallel with cryptocurrency values. However, the ease of attackers to execute a cryptocurrency scheme means that this threat will continue in 2020. Researchers note that mining has been steadily declining throughout 2019, and they have not seen any reason for this trend to change.

The best recommendations for 2020:

Using a security solution that detects encryption threats and paying attention to spikes in cryptocurrency values ​​that will encourage further encryption attacks are among the recommendations suggested by researchers. Continue reading Cyber Security Threats 2020