Qshing and mobile payment scams: what threatens users in 2021

Carding Forum

McAfee experts share their predictions about possible threats that await users in 2021.

The number of Internet users, their online activity and the popularity of digital services grow worldwide every year. Cyber fraudsters do not sleep either - they constantly come up with new tricks and refine their plans for cyber attacks. According to experts, in 2021 criminals will target cloud platforms, home offices, users of mobile devices, social networks and QR codes.

1. Supply chain backdoor techniques will spread

On December 13, 2020, the cybersecurity sector learned that attackers targeting government entities had compromised SolarWinds' Orion IT monitoring and control software and used it to distribute a malicious software backdoor called "SUNBURST" to dozens of the company's customers, including several strategically important U.S. government agencies.

The attack also affected businesses. Unlike government agencies, which store sensitive information on isolated networks, private organizations often hold important intellectual property on Internet-accessible networks. It is difficult to determine which intellectual property objects or personal data of employees were stolen, and the full extent of the theft may forever remain unknown.

This type of attack also poses a threat to ordinary people. With many network-connected devices in modern homes, a compromise of consumer electronics companies could let attackers use their access to smart devices such as televisions, virtual assistants, and smartphones to take over users' data, or use the devices as a gateway for attacks on enterprises while users work remotely from home.

This type of attack is dangerous because it uses trusted software to bypass cyber defenses, infiltrate victim organizations with a backdoor, and allow the attacker to take further action. The result can be theft or destruction of data, shutdown of critical systems for ransom, orchestrated system failures that result in kinetic damage, or simply the injection of additional malicious content across an organization's network to maintain control even after the initial threat has passed.

2. Hacking home systems to get into the office

In 2020, employees switched to remote work, turning their home environment into a work environment. Monitoring McAfee Secure Home Platform devices since the start of the pandemic has shown a 22% increase in the number of home connected devices globally and 60% in the United States. Over 70% of traffic comes from smartphones, laptops, PCs and TVs, and over 29% comes from internet-connected consumer electronics such as streaming devices, game consoles, smart accessories, gadgets and smart lighting systems.

Cybercriminals have focused on attacks on home systems. The number of malicious phishing links blocked by McAfee increased by more than 21% between March and November, with an average of over 400 links per home.

Many of the home devices have been left unprotected because manufacturers do not properly support them with security updates that address new threats or vulnerabilities.

A home environment is different from a corporate office environment filled with devices that are "hardened" with enterprise-grade security. Cybercriminals will use the home as a platform for hacking campaigns that target not only our families, but corporations as well. Hackers will take advantage of the home's lack of regular firmware and security updates, lax privacy policies, system vulnerabilities, and user exposure to social engineering.

To compromise the home environment, attackers will launch various attacks on both corporate and consumer devices in 2021.

3. Mechanized and specialized attacks on cloud platforms

Attacks on cloud platforms will become highly polarized, either "mechanized and widespread" or "sophisticated and highly specialized."

The COVID-19 pandemic has also accelerated the transition of corporate IT services to the cloud, which has increased the potential for new attack patterns against enterprises there.

The number of attacks on cloud accounts rose significantly, by an estimated 630% overall, with differences between the sectors targeted. The transport industry took the lead with a 1350% increase in cloud attacks, followed by education (+1114%), government (+773%), manufacturing (+679%), financial services (+571%), and energy and utilities (+472%).

The rise in the number of unmanaged devices accessing the corporate cloud has effectively turned home networks into additional corporate infrastructure. Cybercriminals will develop new, highly mechanized and pervasive attacks to improve their effectiveness against thousands of disparate home networks.

In addition, cybercriminals can use artificial intelligence and machine learning to bypass traditional network filtering techniques used to protect virtual cloud hosts. Instead of launching a classic brute force attack from hijacked IP addresses until those addresses are blocked, attackers will use resource optimization algorithms to spread attacks from the hijacked IP addresses across multiple services and sectors, maximizing the addresses' lifespan. Distributed algorithms and reinforcement learning will be used to identify attack plans aimed primarily at avoiding account lockouts.

McAfee predicts that as corporate cloud security improves, attackers will be forced to manually develop highly targeted exploits for specific enterprises, users and applications.

In the near future, attackers will begin to use attack surfaces in this way on devices, networks, and in the cloud.

4. New mobile payment scams

Mobile payments are becoming more popular, and the pandemic has accelerated the spread of mobile payment methods as consumers have sought to avoid contact payments.

McAfee predicts an increase in "receive"-based mobile payment exploits: a user receives a phishing email, direct message or smishing message stating that they can receive a payment, transaction refund, or cash prize by clicking on a payment URL that is in fact malicious. Instead of receiving the payment, the user sends a payment from their own account.

This type of scam can take the form of schemes in which scammers set up a fake call center and run product return and service fraud. Attackers send a link by email or SMS, offering a refund via a mobile payment application, and the user does not realize that they are agreeing to pay rather than receiving a refund.

The creators of mobile wallets are trying to make it easier for users to understand what exactly they are doing - sending or receiving a payment. Unfortunately, as new payment methods proliferate, fraudsters are able to find victims who either cannot distinguish debit from credit, or may be provoked to take hasty actions through smart social engineering.

McAfee predicts that just as mobile apps have made it easier to transact, technology will also make it easier to exploit that convenience for fraud.

5. Qshing: illegal use of QR codes during the COVID-19 pandemic

Cybercriminals will seek new and increasingly sophisticated ways to use QR codes to gain access to the personal data of consumer victims.

In 2017, 1.7 billion coupons for discounts were scanned using QR codes worldwide, and this number is expected to triple by 2022 to 5.3 billion.

According to the MobileIron report, while 69% of respondents say they can recognize a malicious URL that uses a familiar text format, only 37% of those surveyed believe they can recognize a malicious QR code that uses a unique bitmap format. Given the fact that such codes are designed specifically to hide the text of a URL, it is difficult for users to identify or even suspect malicious QR codes.

Therefore, it is not surprising that QR codes have been used in phishing schemes to bypass anti-phishing solutions designed to detect malicious URLs in emails. They can also be used on web pages or social networks.

In such schemes, victims scan fraudulent QR codes and are taken to malicious sites, where they are asked to provide a username, personal information, usernames and passwords, as well as payment information, which the criminals then use. Websites can also be used to download malware onto a user's device.

McAfee predicts that hackers will increasingly use similar QR code schemes and improve them using social engineering techniques. For example, knowing that business owners want to download apps to generate QR codes, attackers will lure users into downloading malicious, fake apps. In the process of generating a QR code (or even simulating the creation of a correct QR code), malicious applications steal the victim's confidential data, which fraudsters can subsequently use for various illegal purposes.

Although QR codes are a safe and convenient mechanism in themselves, it is predicted that in 2021 and in the years to come, attackers will certainly use them for their own purposes.

6. Social networks - a new vector of attacks on employers

McAfee predicts that sophisticated cybercriminals will increasingly target, contact and compromise corporate victims using social media as an attack vector.

McAfee has observed that cybercriminals are increasingly using the messaging features of LinkedIn, WhatsApp, Facebook and Twitter to interact, develop relationships with corporate employees, and then compromise them. Through these victims, cybercriminals gain access to enterprise data. McAfee predicts cybercriminals will expand their use of this attack vector in 2021 and beyond for a number of reasons.

Just as individuals and organizations engage prospective customers and customers on social platforms by gathering information, developing specialized content, and conducting targeted customer interactions, attackers can similarly use these attributes to attack key employees and decision makers.

In addition, individual employees interact with social media, combining professional activity and personal life. Enterprises are enforcing security controls for corporate devices and restricting consumer device access to corporate IT assets, while user activity on social media platforms is not similarly tracked or monitored. As mentioned, direct messaging on LinkedIn and Twitter won't be the only issue of concern for the Corporate Security Operations Center (SOC).

While it is unlikely that email will ever be replaced as an attack vector, McAfee predicts that attack vectors against social media platforms will become more prevalent in 2021 and beyond, especially among the most advanced attackers.
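
As an added illustration of the lockout-avoidance pattern described in section 3 (this code is not from McAfee or the original post): a detection sketch showing why a per-IP, per-account failure counter misses a source that spreads a few failures across many services and accounts, and how correlating by source catches it. The log fields, thresholds and sample events are constructed assumptions, and the sketch covers one spreading source rather than a pool of hijacked addresses.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 5        # assumed: failures per account before lockout/block
WINDOW = timedelta(hours=1)  # assumed correlation window

def _t(hhmm):
    return datetime.fromisoformat(f"2021-01-15T{hhmm}:00")

NOW = _t("10:00")

# Constructed sample log: (time, source IP, service, account, result)
EVENTS = [(_t(f"09:0{i}"), "198.51.100.20", "vpn", "alice", "fail") for i in range(6)]
EVENTS += [
    (_t("09:10"), "203.0.113.7", "mail", "bob", "fail"),
    (_t("09:18"), "203.0.113.7", "storage", "carol", "fail"),
    (_t("09:25"), "203.0.113.7", "crm", "dave", "fail"),
    (_t("09:31"), "203.0.113.7", "mail", "erin", "fail"),
    (_t("09:40"), "203.0.113.7", "sso", "frank", "fail"),
    (_t("09:52"), "203.0.113.7", "storage", "bob", "fail"),
    (_t("09:20"), "192.0.2.44", "mail", "grace", "fail"),  # user typo
    (_t("09:21"), "192.0.2.44", "mail", "grace", "ok"),
]

def failures_in_window(events, now):
    return [e for e in events if e[4] == "fail" and now - WINDOW <= e[0] <= now]

def per_pair_alerts(events, now):
    """Classic rule: too many failures from one IP against one account."""
    counts = defaultdict(int)
    for _, ip, _, account, _ in failures_in_window(events, now):
        counts[(ip, account)] += 1
    return {pair for pair, n in counts.items() if n >= LOCKOUT_THRESHOLD}

def spread_alerts(events, now, min_services=3, min_accounts=4):
    """Sources whose failures stay under the lockout limit per account
    but span many services and accounts within the window."""
    services, accounts = defaultdict(set), defaultdict(set)
    per_account = defaultdict(int)
    for _, ip, service, account, _ in failures_in_window(events, now):
        services[ip].add(service)
        accounts[ip].add(account)
        per_account[(ip, account)] += 1
    return {
        ip for ip in services
        if len(services[ip]) >= min_services
        and len(accounts[ip]) >= min_accounts
        and all(n < LOCKOUT_THRESHOLD for (i, _), n in per_account.items() if i == ip)
    }
```

The classic rule flags only the single-account brute force, while the cross-service rule flags the source that never approaches the lockout limit on any one account.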
 