New types of malware, innovative deepfake techniques, cryptocurrency scams, “Crime as a Service”, and dangers of the Metaverse are what await us in the field of Cybersecurity shortly.
Even in 2022, ransomware remains the most widespread and used malware for cyber attacks. In the first half of 2022, 10,600 new variants were identified, more than in the previous half-year.
If we compare past years, the attacks were more limited, and specialized people were needed to hit a specific target. Still, thanks to ransomware as a service that can be purchased through a marketplace where you can choose which one to use, it is no longer necessary to have specific skills.
On the other hand, the means of delivery of the attacks always remain the same: phishing emails, malicious links, attachments, QR codes…
To protect yourself, the correct behaviors to use are to implement appropriate security infrastructures and have adequate education. The latter represents the main attack target, so it is necessary to invest in appropriate personnel training.
The Scenario Of The New Attacks
In an ever-changing context, attacks have been identified, which will become increasingly widespread in the coming years, starting in 2023.
The purpose of malware wipers is different from that of ransomware. While the latter has a mere profit motive, it encrypts the owner’s data to ask for its ransom; the former aims to create damage by destroying the data.
Methodology of wipers :
- File overwriting.
- Encryption of content and destruction of the key. Less used because it takes more computational power than simply deleting a file.
- Master boot record overwrite. Often used in conjunction with the other attack types listed.
- Editing the Master File Table. The MFT gets corrupted, so the owner can no longer access those files.
The wiper has more of a cyber war approach; it mainly aims to hit government bodies or energy industries, and the goal is to create discomfort by destroying data.
This type of attack is very clever; in fact, the wipers can verify if there are backup systems and, if so, disable them.
How to minimize these attacks
- Correctly back up your offsite and offline data to avoid discovery.
- Segmentation: have a segmented security posture such as a firewall with antivirus and an IPS ( Intrusion Prevention System ).
- Incident Response: react quickly to the attack; response times are essential.
- Have a disaster recovery plan.
In the first half of 2022, 8,000 wipers were identified worldwide, and Italy is in eighth place with 100 identified wipers.
Deepfake is an AI-based technique for human image synthesis, used to combine and overlay existing images and videos with original videos or images via a machine learning technique known as a “generative adversarial network”.
Deep Fakes are often used in vishing (attacks that use the phone as a conduit).
With the advent of cryptocurrencies, the attacker’s attention has shifted from bank transactions and bank transfers, where the level of security has been increased thanks to the use, for example, of Multifactor Authentication, to the Digital Wallet.
Digital wallets are easy targets for hackers, as they tend to be less secure not using the latest authentication technologies, so they will soon be directly targeted through custom-designed malware, as well as accounts and credentials linked to wallets.
This scenario will expand more and more as businesses increasingly start using digital wallets for online transactions.
In the world of cybercrime, the single hacker has been replaced by actual criminal organizations structured as companies capable of offering ready-to-use criminal solutions.
This “industrialization” of cybercrime has given birth to a production chain capable of offering a broad portfolio of services with diverse roles.
The significant risk of Crime as a Service is that it helps to lower the entry barriers to cybercrime, allowing even inexperienced but unscrupulous people to carry out extortion and cyber attacks.
On the other hand, real cybercriminals can expand their business and increase market penetration by creating a capillary network of “resellers” of their product.
The attacks that best lend themselves to this Crime as a Service model are:
- Malware infections
- Phishing campaigns
- Creation of botnets
- Reconnaissance activity
Virtual Cities – Metaverse
The interest in the Metaverse is now known, which estimates a market value for 2024 of 800 billion dollars, so much so that in 2023 the first virtual city, Dubai, will be created. Gartner estimates that by 2026, 25% of people will spend at least one hour a day in the Metaverse.
As a field still being defined and therefore not regulated, it inevitably poses problems of privacy and IT security problems.
The volume of personal data exchanged is significantly higher than that related to real-life activities.
This represents a significant challenge for cybersecurity experts, called to focus their efforts on digital identity, which has not only to do with online identity but also includes offline identity and includes all our sensitive data, payment methods included. Protecting this information, therefore, appears to be of vital importance for the development and very survival of the Metaverse, which presupposes the creation of avatars who carry various sensitive information such as:
- Personal data such as sex, age, gender…
- Exposure to the digital wallet
- Biometric data
This will open the door to an unprecedented increase in cybercrime :
- Individual avatars are the gateway to identifying personal information.
- Digital wallets, crypto exchanges, NFTs, and any currency used to transact, gives threat actors another attack surface.
- Biometric hacking, used for Augmented Reality and Virtual Reality, allows the attacker to steal facial recognition data and retina scans and use them maliciously.
Suppose the Metaverse truly becomes a new paradigm. In that case, cyber threat mitigation will have the same basics as today: protect accounts using password managers and two-factor authentication (2FA), use a reliable cyber security solution to prevent malware and phishing attacks and stay up-to-date with online safety best practices.
If you use cryptocurrencies, it is advisable to invest in a hardware wallet and follow cyber security advice on keeping them safe.