Cybercriminals locating more victims
Cybercriminals are expanding their targets to e-sports, satellite internet, edge computing and crypto wallets to reach more victims in the digital world, says Fortinet, a global cybersecurity company.
Rattipong Putthacharoen, senior manager for systems engineering at Fortinet, said cybercriminals are investing more time and strategy to prepare attacks through reconnaissance.
There will be a rise of crime-as-a-service offering, including malware-as-a-service, phishing and botnet-as-a-service and the sale of access to pre-compromised targets, he noted.
FortiGuard Labs foresees ransomware will get more destructive as it will combine with distributed denial-of-service (DDoS), which will create additional urgency for companies to pay up quickly, he said.
FortiGuard Labs expects to see new proof-of-concept (POC) threats targeting satellite networks as satellite-based internet access continues to grow, he said.
The biggest targets will be organisations that rely on satellite-based connectivity to support low-latency activities, such as online gaming or delivering critical services to remote locations, as well as remote field offices, pipelines, or cruises and airlines, Mr Rattipong said.
More malware will be designed specifically to target stored credentials and to drain digital wallets as the usage of digital wallets is on the rise, he said.
E-sports is another target of attackers, who are using DDos attacks, ransomware, financial theft or social engineering attacks, since gamers require constant connectivity and are often played out of inconsistently secured home networks or in situations with large amounts of open WiFi access.
The global e-sports industry is on track to surpass US$1 billion in revenue this year.
According to Mr Rattipong, a new edge-based threat is emerging. Malware will leverage existing toolsets and capabilities within compromised environments so attacks and data exfiltration look like normal system activity and go unnoticed.
Edge malware could monitor edge activities and data and then steal, hijack, or even ransom critical systems, applications and information while avoiding being detected.
Additionally, cybercriminals are leveraging artificial intelligence (AI) to master deep fake and thwart the complicated algorithms used to detect abnormal activities.
"Deep fake technology will drive more social engineering attacks, starting with e-mails," said Mr Rattipong.
The bar to creating deep fakes will be lowered through the continued commercialisation of advanced applications, he said.
These could eventually lead to real-time impersonations over voice and video applications that could pass biometric analysis posing challenges for secure forms of authentication such as voiceprints or facial recognition.