Biometric data leaks and targeted ransomware to dominate 2020 threat landscape
Expect attackers to go after devices previously overlooked
Cyber security company Kaspersky has released its predictions for the 2020 threat landscape, noting that cyber attacks are going to become more targeted and increasingly sensitive data leaks will proliferate.
The security firm believes that the trend towards more targeted attacks that have been observed for the past few years will continue and attackers will continue to build their banks of information with biometric data from new breaches.
As biometric technology becomes more prevalent in the technology used by individuals and businesses every day, there is an increased likelihood of the data these scanners collect being leaked.
"Not every adversary has a complete profile of potential victims to abuse, which makes the increasing amount of leaked data very valuable," said Kaspersky.
The trend towards targeted attacks has been especially evident in ransomware which has strayed away from aimless targeting methods to a more methodical approach.
Targets have shifted to the wealthier organisations that have more to lose and are more likely to provide big payouts for quick release of their sensitive data, an act condemned by the industry but often works.
"Throughout the year, we recorded several cases where attackers used targeted ransomware, and we think that a likely future development will be more aggressive attempts to extort money," said Kaspersky. "A potential twist might be that, instead of making files unrecoverable, threat actors will threaten to publish data that they have stolen from the victim company."
Given the success of ransomware in recent years as a tried and tested business model, it’s unlikely that the rate of attacks will decline. Ransomware has been among the top attack vectors for some time but last year it's targeting of UK businesses soared by 195%.
Aside from ransomware, the security company recognised that the shift from data storage has gradually moved away from PCs and servers and more into mobile devices which is why it expects attacks to focus on these devices more in 2020.
Kaspersky cited the 14 vulnerabilities in Apple’s iOS exposed by Google this year as an example of how the focus is shifting to mobile.
Attackers will always go where the valuable data is and it’s ‘only a matter of time’ before more sophisticate mobile attacks are seen more in the wild.
"There are no good reasons to think this will stop any time soon," said Kaspersky. "However, due to the increased attention given to this subject by the security community, we believe the number of attacks being identified and analyzed in detail will also increase."
Attacks are also expected to proliferate on other non-PC targets such as VPN software, networking hardware and other infrastructure.