Bitcoin, mobile payments battle against cyberthreats
text size

Bitcoin, mobile payments battle against cyberthreats

Bitcoin and exchanges, artificial intelligence (AI) and the Internet of Things (IoT) are among the top cybersecurity attack trends in 2018, with mobile payments a primary target in Thailand, says a leading global technology firm.

"In 2018 there will be great interest in attacking or compromising coin exchanges and users' coin wallets because they are the easiest target and provide a high return due to bitcoin's surge in value," said Sherif El Nabawi, Symantec's senior director for system engineering in Asia-Pacific.

This year several coin exchanges were attacked. Regulators need to devise some degree of security standards for coin exchanges to protect themselves, Mr El Nabawi said.

Thailand has several big exchange players. Attackers have also tricked victims into bitcoin mining on their computers and mobile devices.

Mr El Nabawi said cybercriminals will use AI and machine learning (ML) to conduct attacks. Leading cybersecurity firms have embraced AI and ML to detect unknown threats, but in 2018, cybercriminals will use these technologies to attack and explore victim's network.

The rise of cybercriminals using AI has led to larger amounts of data ending up for sale on the black market. This will lead to a trend called "supply chain attack".

These are cyber-attacks that are intended to damage an organisation by targeting less-secure elements in the supply network. In these instances, cyber-attackers have political motivations and their targets are national or state agencies.

"Cyber-attackers target suppliers' vulnerabilities to get to their target victims, like the Defence Ministry," Mr El Nabawi said, adding that the stolen data can then be sold on the black market.

He said that because the cybersecurity vendors are using AI, cybercriminals also try to avoid being detected by it, prompting them to develop "file-less and file-light" malware. Symantec expects that these forms of malware, which leave less of a footprint in the file system and are harder for AI to trace, to become more prominent than traditional malware.

Mr El Nabawi said financial trojans will still cause greater losses than ransomware because cybercriminals can profit more from attacking mobile banking applications.

"The rise of national e-payment, mobile e-wallet and mobile banking systems, including the SMS one-time password code, will force banks to protect their core systems," he said.

Mobile users also need to learn to protect themselves, he added, noting that the rise of security as a service has raised concerns about regulations, privacy and penalties in cases of data breach.

Symantec predicts that business organisations will also struggle more from infrastructure as a service breaches.

IoT devices, in particular connected TV and electronically connected appliances, will also be targeted for ransom. Attackers will compromise those devices, using hundreds of thousands of them in users' homes and workplaces to generate traffic for distributed denial of service (DDoS) attacks.

Beyond DDoS attacks and ransomware, home IoT devices with default settings that have not been updated will provide backdoor access to victims' residences and even business networks if business-related devices have been used at home.

Do you like the content of this article?