Consumers will need to be extra vigilant in the New Year as established threats like ransomware and email phishing increasingly target individuals, while web skimming hacks grow, and new automated attack methods emerge using off-the-shelf artificialintelligence and machine learning tools.
Artificial intelligence and machine learning
Artificial intelligence and machine learning are already widely used in cyber security to predict and counter emerging threats. However, it’s likely that cyber crooks will begin to take advantage of these technologies as they become increasingly accessible. In short, we can expect to see attacks that are faster, more adaptive and more difficult to capture. For instance, targets could include customised social network attacks designed to steal user data for identity theft, as well as specific attacks on companies.
Web skimming attacks
In terms of specific attacks and malware there will be an increase in web skimming attacks. These have been very prominent in 2018, for instance, the attack on British Airways’ website in which 380,000 payment card details were stolen as people made purchases. These types of attacks have taken place all over the world and have proven to be lucrative for fraudsters. In 2019 they will continue but attacks are likely to become even more sophisticated by also stealing log-in credentials and other sensitive information.
The financial sector should also be bracing itself. New hacking groups that focus on European financial services outfits have emerged so there will inevitably be a ramping up of successful attacks. Banks face hundreds of probes, if not more, on their networks every day and successfully defend against them. But advanced social engineering campaigns targeting internal employees or third party companies connected to the bank are not as easy to detect and stop. Fraudsters will leverage the flood of leaked data from other organisations by identifying employees, to prepare and plot this new wave of attacks.
Email phishing attacks
Email spam and phishing attacks will also continue at a pace with incidents recorded every day. These are relatively old techniques but they are successful hence their continued popularity among attackers. That said, we’re set to see an increase in email social engineering attacks in which individuals are targeted. Once an attacker has chosen a victim they can craft personalised phishing mails that are extremely convincing. There will be a spike in these types of personalised attacks.
There is a wave of privacy awareness sweeping across Europe and the US following high profile revelations about how personal data is collected, used and sold-on by large organisations. As such, expect to see an increased uptake of the use of virtual private networks (VPNs) by consumers, who don’t want to be tracked on the internet, want to communicate with friends and family privately and want to access entertainment services wherever they are.
Phishing emails will still cause lots of damage by exploiting the unwary. There is a huge underground industry dedicated to cybercrime with cyber fraudsters continually developing ever more sophisticated attacks. The bottom line is that consumers and businesses should be vigilant when online and protect themselves with good cyber security.