Ransomware Threats Are Predicted To Decrease This Year, Crypto and NFT Attacks Will Increase

The time of the pandemic coincided with the emergence of targeted ransomware attacks around the world. (photo: doc. unsplash)

JAKARTA - Two years after the pandemic, the whole world is gearing up for recovery. In 2022, companies and communities are gearing up for a return to normalcy, by starting work-from-office policies, face-to-face schools, and more.

Like last year, cybercriminals can target a wide range of industries, from airlines, hospitals, government websites, banks, telecommunications companies, universities, e-commerce, and even social media giants through a variety of sophisticated means.

To prevent changing cyber threats and secure the recovery phase of countries in the Southeast Asia region, experts from Kaspersky's Global Research and Analysis Team (GReAT) reveal the top four trends to watch out for this year. The following is the explanation quoted by VOI, Friday, January 14.

1. The Decrease of Targeted Ransomware Attacks

The time of the pandemic coincided with the emergence of targeted ransomware attacks around the world. This attack focuses on the most critical sectors as well as businesses that are sensitive to disruption.

Several companies from Southeast Asia were among the victims of the attack. However, with strong international cooperation and multiple task forces to track ransomware clusters, Kaspersky experts believe that the number of such attacks will decrease over the course of 2022.

“The initial initiation was carried out by the United States (US) government, involving the FBI, and even the US Cyber ​​Command's offensive capabilities. Kaspersky anticipates that such attacks may emerge at any time, with a focus on attacking developing countries with minimal cyber investigation capabilities or countries that are not US allies,” said Kaspersky Director of Global Research & Analysis Team (GReAT), Vitaly Kamluk.

Given the geopolitical stance of some countries in Southeast Asia, it is likely that there will be fewer or no such attacks on countries in the region by 2022.

However, the widely available hosting services offered by countries like Singapore and Malaysia, data center services, and infrastructure can still be abused by targeted ransomware groups.

2. Advanced Online Fraud and Social Engineering

One of the characteristics of citizens of developing countries is the desire to feel safe. A large investment in technology, including cybersecurity, can result in a feeling of security online in the long run.

Thus, the general population can be more protected from traditional cyber threats, but it is more difficult to find unprotected infrastructure or infected users.

This is why attackers prefer non-tech-focused attacks, exploiting human vulnerabilities, involving all kinds of social engineering via SMS, automated phone calls, popular messengers, social networks, and more.

The number of scam reports continues to increase from year to year according to the Singapore Police, in 2021 it will increase by 16 percent, in 2020 it will increase by 108.8 percent, then in 2019 it will be 27.1 percent, and 19.5 in 2018.

This is also relevant to other countries in the region. Thailand, for example, nearly 40,000 people became victims of online fraud, indicated by unknown transactions from their bank accounts and credit cards.

Scammers also used fake bank websites to steal Malaysian banking details last year. Impersonation of the top e-commerce platform in Vietnam is also used to trick users into sending money.

“This trend is being driven by the automation of some services, such as automated dialing and automated pre-messaging in the hopes of triggering manual, human-driven fraud operations. We believe this trend will develop further in the future, including the production of customized documents for victims, images, deep fake videos, and sound synthesis," said Kamluk.

Kamluk added, it is likely that there will be a shift back from computer-assisted threat schemes (fraud) to purely cybercrimes based on the complete compromise of digital assets, such as user accounts, smartphones, personal computers.

"We predict that such sophisticated technical fraud is likely to start happening in 2022," Kamluk explained.

3. More Data Breach by Unknown Attackers

With less targeted ransomware attacks openly exposing stolen data, it is claimed this year will see more stolen data being traded on the black market.

"In recent years, we have observed that in many cases of data breaches, victims are unable to identify the attackers, or know how the schemes led to their personal data being stolen," Kamluk said.

"While there is always a challenge to identify attackers and find out the source of the breach, the percentage of such cases has increased significantly in the last two years reaching over 75% according to Kaspersky research," he added.

Kaspersky experts see this as no longer just a challenge, but also a signal that encourages passive cybercriminals to launch their threats through data theft and illegal trade.

Thus, this year may be faced with more numbers of stolen databases, internal communications, and various personal details stolen from various companies to be traded on the black market.

4. Cryptocurrency and NFT Industry Attacks

By observing sophisticated attackers with skilled human resources, such as the Lazarus group and its sub-group, BlueNoroff, Kaspersky researchers conclude that this year will also be faced with a more significant wave of attacks against cryptocurrency businesses.

Even the growing NFT industry has not been spared the targets of cybercriminals. This is due to the fact that countries in Southeast Asia are leading the way in terms of NFT ownership, with the Philippines topping the list with 32 percent saying they own the digital asset.

Among the 20 countries surveyed, Thailand (26.2 percent) ranks second followed by Malaysia (23.9 percent). Vietnam is ranked 5th (17.4 percent) and Singapore is ranked 14th (6.8 percent).

“From direct attacks on employees of cryptocurrency startups and exchanges through sophisticated social engineering, software exploits, and even fake suppliers to mass attacks through supply chain software or its components. We may see an increase in such cases," Kamluk said.

"Plus, we will see more incidents of NFT property theft in the years to come. Being a completely new area of ​​this, it will require more skilled investigators to tackle the initial wave of such attacks," he added.

Moreover, experts from global cybersecurity companies predict that this attack will not only impact the global cryptocurrency market but also the share prices of individual companies, which will also be monetized by attackers through illegal trading of stock market insights.