Consumers will need to be extra vigilant in the New Year as established threats like ransomware and email phishing increasingly target individuals, while web skimming hacks grow, and new automated attack methods emerge using off-the-shelf artificial intelligence and machine learning tools.
The cost of cybercrime incidents climbs each year with unerring predictability. While 2019 will inevitably see a further rise in staggering losses – an estimated $2 trillion globally according to some sources – the New Year is also set to herald some unique cybercrime developments as technologies like artificial intelligence become increasingly accessible to cyber criminals, says BullGuard , a leading provider of consumer cyber security.
Ransomware is also to make a comeback but attacks will be targeted rather than using the common 2018 scatter gun approach. Web skimming will continue to be a serious problem while email phishing will, like ransomware, increasingly target individuals. We can also expect wide reaching attacks on consumer Smart devices.
- Artificial intelligence and machine learning
Artificial intelligence and machine learning are already widely used in cyber security to predict and counter emerging threats. However, it’s likely that cyber crooks will begin to take advantage of these technologies as they become increasingly accessible. In short, we can expect to see attacks that are faster, more adaptive and more difficult to capture. For instance, targets could include customised social network attacks designed to steal user data for identity theft, as well as specific attacks on companies.
- Internet of Things
As Internet of Things (IoT) devices become increasingly popular we’re likely to see wide scale attacks on Smart devices. To date, attacks have largely focused on individual devices or compromising specific devices to create botnets. In turn the IoT botnets have been used to launch attacks on websites to take them down. These attacks have largely focused on Internet infrastructure and service providers but in 2019 consumer-based attacks will emerge with hackers choosing to focus on home Smart devices.
On the flip side Internet Service Providers across Europe are also likely to begin incorporating IoT device security into their services by providing protection at the network entrance where the router sits. This protection will be cloud-based so the detection of attack signatures detected at one location can be quickly and effortlessly transferred to homes in other locations.
- Web skimming attacks
In terms of specific attacks and malware there will be an increase in web skimming attacks. These have been very prominent in 2018, for instance, the attack on British Airways’ website in which 380,000 payment card details were stolen as people made purchases. These types of attacks have taken place all over the world and have proven to be lucrative for fraudsters. In 2019 they will continue but attacks are likely to become even more sophisticated by also stealing log-in credentials and other sensitive information.
While ransomware may have slipped out of the headlines it will still pose a threat during 2019, although the manner in which it targets computers will change. To date, ransomware attacks have largely been indiscriminate in their targeting, this is set to change as focused attacks become more common. SamSam ransomware, which has collected approximately $6.7 million over the last three years, has focused on targeting individuals, and other cyber criminals have taken note.
- Financial services
The financial sector should also be bracing itself. New hacking groups that focus on European financial services outfits have emerged so there will inevitably be a ramping up of successful attacks. Banks face hundreds of probes, if not more, on their networks every day and successfully defend against them. But advanced social engineering campaigns targeting internal employees or third party companies connected to the bank are not as easy to detect and stop. Fraudsters will leverage the flood of leaked data from other organisations by identifying employees, to prepare and plot this new wave of attacks.
- Email phishing attacks
Email spam and phishing attacks will also continue at a pace with incidents recorded every day. These are relatively old techniques but they are successful hence their continued popularity among attackers. That said, we’re set to see an increase in email social engineering attacks in which individuals are targeted. Once an attacker has chosen a victim they can craft personalised phishing mails that are extremely convincing. There will be a spike in these types of personalised attacks.
- Privacy awareness
There is a wave of privacy awareness sweeping across Europe and the US following high profile revelations about how personal data is collected, used and sold-on by large organisations. As such, expect to see an increased uptake of the use of virtual private networks (VPNs) by consumers, who don’t want to be tracked on the internet, want to communicate with friends and family privately and want to access entertainment services wherever they are.
BullGuard advises that in 2019 new attack methods are set to emerge using artificial intelligence and machine learning. Yet malware will still be widespread and ransomware might just hit the headlines again. Those who have Smart devices in their home also need to be aware and smart about security.
Phishing emails will still cause lots of damage by exploiting the unwary. There is a huge underground industry dedicated to cybercrime with cyber fraudsters continually developing ever more sophisticated attacks. The bottom line is that consumers and businesses should be vigilant when online and protect themselves with good cyber security.