Edition: International | Greek
MENU

Home » Analyses

Here are the biggest cybercrime trends of 2019

Cybercriminals are using more advanced and scalable tools to breach user privacy, and they are getting results. Two billion data records were compromised in 2017, and more than 4.5 billion records were breached in the first half of 2018 alone

By: EBR - Posted: Friday, March 8, 2019

We predict that 2020 will be known for advanced phishing attacks, due to the number of new phishing kits available on the dark web. These kits enable people with only basic technical knowledge to run their own phishing attacks. With more tools available, phishing will become an even more dangerous attack method.
We predict that 2020 will be known for advanced phishing attacks, due to the number of new phishing kits available on the dark web. These kits enable people with only basic technical knowledge to run their own phishing attacks. With more tools available, phishing will become an even more dangerous attack method.

By Einaras von Gravrock*

Cybercriminals are using more advanced and scalable tools to breach user privacy, and they are getting results. Two billion data records were compromised in 2017, and more than 4.5 billion records were breached in the first half of 2018 alone.

Here are the most pressing cybersecurity issues in 2019, as well as rising trends into 2020.

Advanced phishing kits

Four new malware samples are created every second. Phishing remains one of the most successful attack vectors due to its speed, as most phishing sites stay online for just four to five hours. Users only report 17% of phishing attacks, and it is seen as a low-risk type of activity.

As a result, today only 65% of all URLs are considered trustworthy. This puts a strain on both the consumer and any enterprise with an online presence.

We predict that 2020 will be known for advanced phishing attacks, due to the number of new phishing kits available on the dark web. These kits enable people with only basic technical knowledge to run their own phishing attacks. With more tools available, phishing will become an even more dangerous attack method.

Remote access attacks

Remote attacks are growing in number, as well as becoming more sophisticated. One of the main types of remote access attack in 2018 was cryptojacking, which targeted cryptocurrency owners. Another popular type of attack threatened perimeter devices.

According to our threat intelligence database, remote access attacks are among the most common attack vectors in a connected home. Hackers target computers, smartphones, internet protocol (IP) cameras and network attached storage (NAS) devices, since these tools usually need to have ports open and forwarded to external networks or the internet.

Attacks via smartphones

One of the most common attack vectors to smartphones are related to unsafe browsing (phishing, spear phishing, malware). More than 60% of fraud online is accomplished through mobile platforms, according to RSA, and 80% of mobile fraud is achieved through mobile apps instead of mobile web browsers.

As most people use their phones to manage financial operations or handle sensitive data outside the security of their home network, this becomes a prominent threat. The fact that users typically hold all their information on their phone, and that smartphones are now used for two-factor authentication - one of the most widely used cybersecurity tools - increases the security risk if the device is lost or stolen.

Vulnerabilities in home automation and the Internet of Things

The consumer Internet of Things (IoT) industry is expected to grow to more than seven billion devices by the end of 2020, according to Gartner. Many consumers do not see IoT devices as a vulnerability, because a significant portion of them do not have a user interface. This could lead to issues understanding what kind of data the device collects or manages.

However, IoT devices are not only collecting valuable user data. They could become an entry point for an attacker or tool to launch a distributed denial-of-service (DDoS) attack. IoT devices are not secure by design, because putting a focus on security would significantly increase manufacturing and maintenance expenses.

According to CUJO AI threat intelligence data, 46% of all attack types that these devices experience are remote access attempts and 39% are used for detecting behavioural patterns. With the exponential growth of connected devices at home, these threats are likely to increase.

Utilizing artificial intelligence

Most of the biggest industries already use machine learning (ML) and artificial intelligence (AI) to automate their processes and improve overall performance. Cybersecurity and cybercrime are no exception.

AI is often considered to be a dual-use technology - while more cybersecurity companies are implementing AI-driven algorithms to prevent threats, hackers are also taking the opportunity to become more effective.

The majority of AI qualities serve malicious purposes. AI systems are cheap, scalable, automated, anonymous and they provide physical and psychological distance for the attacker, diminishing the immediate morality around cybercrime.

- Artificial intelligence for cybersecurity evasion. Cybercriminals are using various evasion methods to avoid detection, and AI helps to optimize different elements of this process.

- Artificial intelligence in phishing. AI could help to create content that can pass through typical cybersecurity filters, such as email messages that are indistinguishable from those written by humans.

- Artificial intelligence in social engineering. While social engineering is one of the most popular hacking techniques, it takes a lot of time to implement properly. AI could help in not only collecting information, but also by writing emails or calling potential victims.

With new advances in AI-driven technology, utilizing AI in cyber attacks will become an even more popular and dangerous trend.

*Chief Executive Officer and Founder, CUJO AI
** First published in weforum.org

READ ALSO

EU Actually

UK’s biggest trade deal since Brexit

N. Peter KramerBy: N. Peter Kramer

The UK became the first European nation to join a major Indo-Pacific trading bloc, in what has hailed as the country’s biggest trade deal since Brexit

View 04/2021 2021 Digital edition

Magazine

Current Issue

04/2021 2021

View past issues
Subscribe
Advertise
Digital edition

Europe

Getting serious about AI rules: Lack of enforcement capacity puts EU at risk

Getting serious about AI rules: Lack of enforcement capacity puts EU at risk

The European AI Office needs to grow to over 200 staff members implementing the rules for AI next year

Business

Female empowerment in the workplace, it’s more than equality, it’s leadership

Female empowerment in the workplace, it’s more than equality, it’s leadership

Europe’s rules for improving gender balance in the hierarchy of listed companies are paying dividends

MARKET INDICES

Powered by Investing.com
All contents © Copyright EMG Strategic Consulting Ltd. 1997-2024. All Rights Reserved   |   Home Page  |   Disclaimer  |   Website by Theratron