Cyber-attacks will become more severe this year, with more sophisticated tactics and the prospect of sabotaging critical digital assets, according to Cyfirma, a Singapore-based cybersecurity company.
"For this year, cybercriminals will continue to evolve, attaining greater sophistication and modifying their tactics, techniques and procedures to outsmart cyberdefenders," said Saurabh Lal, president of delivery and operations at Cyfirma, in a webinar held in partnership with nForce Secure, a Thai IT security distributor.
"With the development and wider adoption of new technologies like 5G, cryptocurrencies and industrial robotics, attackers will find renewed motivation to diversify with attacks that are not easy to foresee and difficult to mitigate."
Cyfirma also highlighted 10 cyberthreats that would come to the fore this year.
The first concerns the fact that hackers will leverage technology, such as Internet of Things (IoT) in the industrial sector, for cybercrimes.
The development of "digital twins", featuring digital simulations of entire buildings, cities and systems, offers a treasure trove of data and access points to those with nefarious intentions.
The second threat concerns cybercrimes with tradeable, exchangeable and investment-worthy assets, while the third lies in more violence through kinetic cyber-attacks as a result of geopolitical tensions and commercial competition, which could result in physical damage and loss of human life.
The fourth concerns the stealing of intellectual property for economic and social goals, and the fifth involves the mainstreaming of cyberwarfare: business entities and private players will adopt cyber-espionage to advance their commercial interests.
The sixth cyberthreat refers to ransomware that will leverage IoT as entry points, targeting third-party software and operational technology. For the seventh, cybercriminals will mount attacks to take over mobile devices and demand ransoms knowing that many will succumb to the extortion tactics.
For the eighth, attackers will move from data exfiltration to confiscation by not only encrypting victims' data but also deleting or destroying sensitive and critical digital assets.
The ninth cyberthreat concerns the fact that attackers are paying more attention to people's behaviour and transaction of data alongside an increase in social media digital footprints and online purchasing activities.
Data with behavioural hints and consumers' personally identifiable financial information presents a lucrative opportunity for cybercriminals.
For the final trend, state-sponsored groups are looking for more collaboration by sharing infrastructure, tools, techniques and tradecraft, making it more difficult to identify threat actors.
Thailand spent US$280 million to counter cyberthreats in 2019 and the spending is expected to surge to $500 million in 2025, said Ho Nam Hoebeke, Cyfirma's chief revenue officer, citing statistics portal Statista.
"We see the rise of cybercriminals, and existing security systems may no longer be enough in terms of inside-out preventive approach," said Nakrop Niamnamtham, chief executive of nForce Secure, adding that an outside-in approach that gives a holistic view of cybersecurity visibility may need to be adopted to guard against cyberthreats.
