Digital wallets, e-sports and satellite networks will be increasingly targeted by cyber gangs in 2022. In fact, in addition to refining ransomware, combining them with other types of threats, criminals are diversifying their attacks, also extending the scope. And they are taking advantage of theartificial intelligence to master i deep fake and to thwart those systems that detect their malicious activity. To say it is a report by FortiGuard Labs, which tries to predict the greatest risks for the cybersecurity of governments, companies and individuals in the near future, also underlining thehuge growth in cyber attacks registered between July 2020 and June 2021: in 12 months ransomware have increased by eleven times.
The researchers explain that malicious operations against high-profile targets have intensified, with damaging consequences for thousands of organizations and millions of people: one example is hacking the SolarWinds Orion software management platform. And as the competition between gangs becomes increasingly fierce, there is fear of an increase in more complex attacks, which require more planning: these are the most advanced threats, often planned by organizations with more resources available and supported by state actors. which are divided into several phases such as identifying a weak point in the network, obtaining unauthorized access, and remaining silent for a certain period of time before striking.
And as new vulnerabilities are discovered, attacks that try to exploit them will also grow, thanks to the spread of the model. Crime-as-a-service, where an organization sells its criminal product to user customers. The ransomware services on the menu can be varied: from selling access to already compromised organizations to helping with ransom negotiation, to money laundering, including cryptocurrencies. A rather heterogeneous portfolio, because it also offers other services such as Phishing-as-a-Service e Botnet/SMS-as-a-Service.
The targets
The decline of Trojans targeting wire transfers and banking transactions is explained by improved security features and new regulations, but also by the fact that these transactions are now more easily tracked. Just think about the fact that transactions are encrypted and require multi-factor authorizations. A situation that has prompted several cyber criminals to change target, turning to digital wallets of people. FortiGuard Labs recently documented a new one phishing threat which used an Amazon fake gift card generator with the aim of stealing cryptocurrency. It is a malware that monitors the notes of the infected device in which the wallet addresses are transcribed and replaces them with that of the attacker’s wallet. Another phishing campaign last summer was based on malware that stole crypto wallet information and credentials from victims’ computers.
The examples don’t end there. Another tool used to loot digital wallets is called ElectroRAT: to achieve the goal, this combines social engineering techniques with applications designed for cryptocurrencies and a new one Remote Access Trojan (a piece of malware that allows hackers to take control of the victim’s computer) that can target various operating systems such as Windows, Linux and macOS.
Even the E-Sports they are becoming an attractive target for cybercriminals as the industry’s revenue could exceed $ 1 billion this year (some forecasts could reach $ 1.8 billion in 2022). Online gaming is likely to show its side to attacks DDoS (Distributed Denial of Service), ransomware, financial theft and social engineering techniques because it requires constant connectivity and users often use unsecured home networks or resort to open Wi-Fi access. In general, with the increase in activities that take place within the home, starting with work and remote learning, the opportunities for hackers to exploit the weak points of the network to achieve their goals, such as launching a ransomware attack or simply stealing personal data and banking credentials.
But cyber threats aren’t just about the devices we use every day and home and corporate networks. FortiGuard Labs experts predict that in 2022 the new proof-of-concept threats (an attack against the system that demonstrates its vulnerability) will target satellite networks: a prediction corroborated with several arguments, such as the increased number of internet accesses through satellites and the fact that more will be launched soon. As the authors of the report note, SpaceX’s Starlink alone has over 4,000 satellites and is expected to activate over 30,000.
The main targets of these attacks will be organizations that rely on satellite connectivity to support low-latency activities, such as online gaming or the delivery of critical services to remote locations, but also relocated offices, oil and gas pipelines, as well as targets on the move. , such as cruise and cargo ships, and airlines. An example of this type of operation is ICARUS, a proof-of-concept DDoS that leverages direct global accessibility to satellites to launch attacks from different locations.
Not just ransomware
Ransomware allows criminals to lock infected devices by encrypting files and other documents, forcing the victim to pay a ransom in exchange for restoring access to the system. These malware grow stronger because they add another weapon to their arsenal: it is the ability to wipe out data and paralyze critical infrastructures and operating technology systems (the set of hardware and software that allows you to control physical processes and devices ). A kind of time bomb, which had already been used in the past, and which is now often combined with DDoS attacks. Alongside this type of operation, the experts from FortiGuard Labs also plan to use quantum computer to decrypt the encrypted data and acquire critical information to be used for new attacks, as well as the development of botnet that specifically target platforms Linux.
Finally, cybercriminals are using artificial intelligence to exploit deep fake, that is to say photos, videos and audio made thanks to software that starting from real contents are able to modify or recreate faces, body movements or imitate voices. These tools can be used to improve attacks with social engineering techniques. And even if they are in their early stages of development, they could soon become a problem with the gradual improvement in CPU and GPU performance. These innovations in the creation of deep fakes could lead to real-time imitations of the voice and video applications capable of passing the examination of biometric recognition systems.
.