In 2021, biometric data leaks and targeted extortion await us

[Tomcat]

Kaspersky Lab experts shared their vision of the evolution of complex threats and targeted attacks (the so-called Advanced Persistent Threats - ART) in 2020. The predictions were made on the basis of the events and incidents that specialists have observed over the past months. The trends identified suggest that threats will become more secretive and targeted, and the spread of new technologies, such as machine learning and neural networks, will take the complexity of cyberattacks to a new level.

In particular, according to Kaspersky Lab estimates, in the very near future there will be a danger of leaks of especially valuable information - for example, human biometric data. Users' personal information helps attackers improve their social engineering methods and conduct more convincing attacks, so that their interest in other people's personal information will only increase. In addition, cybercriminals may well start using artificial intelligence to profile the victim and create information fakes - the so-called deep fakes, which are already widely discussed today.

Recently, attackers have begun to move away from the practice of mass distribution of generic ransomware and have begun to choose their victims more carefully - in other words, they are looking for those companies that will be willing to pay significant sums to recover their data. According to experts at Kaspersky Lab, this “targeted extortion” will gain momentum in the coming year and may become more aggressive. For example, instead of encrypting files, attackers can threaten victims with publishing stolen data. In addition, cybercriminals may target subtle devices - smart TVs, watches, cars, homes, and the like - in an attempt to diversify their attacks with ransomware.

One of the features of ART attacks is their stealth. They are so carefully planned and worked out that the victim may be unaware of what is under attack for a very long time. Also, in most cases, it is not possible to establish who exactly is behind such malicious operations, and this is partly the "merit" of the attackers themselves: they diligently mask the traces of their activities and often place so-called "false flags "to send researchers on the wrong track. And as experts at Kaspersky Lab believe, this trend will continue to develop. Cybercriminal groups will strive not only to avoid attribution, but also to expose anyone else to blame for their actions. To do this, they may, for example, deliberately use backdoors that are associated with other ART groups.

“No forecast, even the most detailed and thorough one, can foresee everything that may happen in the future. The environments in which attacks are deployed are so vast and the circumstances so multifaceted that the future evolution of threats is likely to be more difficult than the best predictions. In addition, none of the researchers have a complete understanding of the actions of ART groups. All this, however, does not negate the fact that we will continue to monitor the development of ART threats and the attackers behind them and will try to better understand their methods, predict their actions and possible consequences, "said Dmitry Galov, an anti- virus expert at Kaspersky Lab. ".