Kaspersky researchers are sharing their predictions for APT (Advanced Persistent Threats) threats on 2020, pointing out how the landscape of targeted attacks will change in the coming months.
The more general trend indicates that threats will develop more accurately, be more targeted and diversified under the influence of external factors, such as the development and dissemination of machine learning, the development of technologies for deepfakes, or the intensities around trade routes between Asia and Europe.
The forecasts were developed based on the changes observed by the Global Research and Analysis Team within 2019 to support the digital security community through guidelines and information. The latter, together with a series of forecasts for industrial and technological threats, will help prepare for challenges that may arise in the coming 12 months.
Misuse of personal information: by deepfakes to DNA leaks
After several personal data leaks in recent years, the number of personal data available has made it easier for attackers to carry out targeted attacks based on leaked information. The bar has risen, and in 2020 the threatening players will deepen, hunting for more sensitive leaks, such as biometric data.
Researchers have identified a number of key technologies that could lure victims into the traps of attackers, including publicly available videos and audio Deepfakes that can be automated and support profile recognition and the creation of fraudulent and social engineering systems. .
Among the targeted threats for 2020 include:
- The false flag attacks are reaching a whole new level. They will be further developed, with threatening actors seeking not only to evade responsibility but also to actively blame someone else. Malware for sale, publicly available security tools or admin software, in combination with false flags, cases where security researchers "thirst" for any small item may be enough to call attention to someone else.
- From the programs ransomware to targeted threats. One possible reversal may be that, instead of making the files inaccessible, threatening agents will threaten to publish data that they have stolen from the victim's company.
- New banking regulations in the EU are opening up new attackers. As banks will be required to open their infrastructure and data to third parties who wish to provide banking services, it is likely that attackers will seek to abuse these new mechanisms with new fraudulent systems.
- More attacks on infrastructure and on non-PC targets. Determined threat players have, for quite some time, been expanding their tools beyond Windows, PCs, VPNFilter and Slingshot, for example, targeting networking hardware.
- Digital attacks focus on trade routes between Asia and Europe. There are several ways in which this could be done. They include an increase in political espionage as governments seek to safeguard their interests both at home and abroad. It may also extend to technological espionage in situations of potential or actual economic crisis and volatility.
- The mNoble APTs grow faster. There are no good reasons to believe that this will stop soon. However, due to the increased attention given to this issue by the security community, we believe that the number of attacks identified and analyzed in detail will also increase.
- Misuse of personal information is growing, armed with Artificial Intelligence. It's similar to some of the techniques used to distribute election ads on social media. This technology is already widely used and it is just a matter of time for attackers to take advantage of it.
"The future is full of possibilities that may have manifestations that we have not included in our forecasts. The extent and complexity of the areas in which attacks are propagated offer infinite possibilities. In addition, no individual research team has full visibility of threat functions APT operators. We will continue to try to predict the activities of the teams APT and to understand the methods they are developing, while also providing information on their campaigns and the impact of their actions, " says Vicente Diaz, a security researcher at Kaspersky.
The full list of Kaspersky forecasts of the 2020 threat landscape can be found on the dedicated website Securelist.com.
These forecasts are part of Kaspersky Security Bulletin (KSB) - Kaspersky's annual forecast series with detailed articles on the key changes in the world of digital security.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.