In 2021, many financial cybercriminals are likely to target Bitcoin more often, while other cybercriminals will switch to transit cryptocurrencies when demanding payment from victims for enhanced privacy, a report from Kaspersky says.
On top of that, extortion practices will become even more widespread, be it as part of DDoS or ransomware attacks, with the operators of the latter consolidating and using advanced exploits to target victims.
Financial cyber threats are among the most dangerous as they directly impact the financial wellbeing of victims – be it individuals or organisations. Drastic changes in 2020 unavoidably affected the way financial attackers operate. Albeit not all of the tactics, techniques and procedures have been influenced by the change of how we live and work nowadays, their influence cannot be understated.
Kaspersky predictions of the important developments in the financial threat landscape of 2021 are below:
MageCarting, or so-called JS-skimming (the method of stealing payment card data from e-commerce platforms), attacks will move to the server-side. Evidence shows that from day to day there are fewer threat actors relying on client-side attacks that use JavaScript. Kaspersky researchers expect that next year the attacks will shift to the server-side.
Read: Half of UAE tech leaders expect IT budgets to increase: KPMG study
At the same time, special technical capabilities for monitoring, deanonymizing and seizing Bitcoin accounts will prompt a shift in the methods used by many cybercriminals to demand payment. Other privacy-enhanced currencies such as Monero are likely to be used as a first transition currency, with the funds being later converted to other cryptocurrencies, including Bitcoin, to cover criminals’ tracks.
Due to their successful operations and extensive media coverage this year, the threat actors behind targeted ransomware systematically increased the amounts victims were expected to pay in exchange for not publishing stolen information. Now Kaspersky researchers anticipate even higher growth in extortion attempts as a means to obtain money. Organisations, which may be hurt by the loss of data and exhausting recovery processes, are in the crosshairs, with more cybercriminals targeting them with ransomware or DDoS attacks or even both.
On top of that, ransomware groups who managed to accumulate funds as a result of a number of successful attacks in 2020 will start using 0-day exploits – vulnerabilities that have not yet been found by developers – as well as N-days exploits to scale and increase the effectiveness of their attacks. While purchasing exploits is an expensive endeavour, based on the amounts some of the ransomware operators were able to obtain from their victims, they now have sufficient funds to invest in them.
Bitcoin theft will become more attractive as many nations plummet into poverty as a result of the pandemic. With economies crashing down and local currencies dropping, more people may become involved in cybercrime, leading to more cases. As Kaspersky researchers anticipate, due to the weakness of local currencies, more people may focus on fraud that demands Bitcoin, as well as Bitcoin theft, since it is the most widespread cryptocurrency.
“This year was substantially different from any other year we experienced, and yet, many trends that we anticipated to come to life last year came true regardless of this transformation of how we live. These include new strategies in financial cybercrime – from reselling bank access to targeting investment applications — and the further development of already existing trends, for instance, even greater expansion of card-skimming, and ransomware being used to target banks,” said Dmitry Bestushev, a security researcher at Kaspersky.