.JPG)
The rise and diversification in mobile malware, multi-actor attacks on banks, cryptocurrencies and privacy breaches through the IoT are some of the threats that the security company believes will be on the rise over the next year.
According to Kaspersky Lab's analysis, 2017 has been an interesting year for Latin America and almost all of the predictions they presented about cyber attacks, published in November 2016, came true in the regional scenario. The year featured different financial attacks such as Ploutus, Ice5, Prilex, among others.
The WannaCry and NotPetya attacks put many companies in check, not only in European countries, but also in Latin America. In addition, the increase in techniques imported and adopted regionally continues to be observed, such as the use of powershell in LNK files for their propagation.
According to Fabio Assolini, senior security analyst at Kaspersky Lab, 2018 will be a more complex year from the point of view of the diversity and scope of attacks.
“Of course, the targets will not only be end users, but also their hardware and service providers. For example, we believe that financial service providers will have to deal with situations that have not been seen before”, says the analyst.
What awaits us in 2018? Will we continue with the same attack scenario or will something change? Below are the Kaspersky Lab Latin America research and analysis team's exclusive forecasts for the region:
1. Adoption and use of targeted attack techniques (APTs) in cyber attacks against end users. Cybercriminals in the region will continue to closely monitor reports of targeted attacks and copy the techniques used by attackers to infect end-user devices. In such a scenario, where advanced cyber arsenal is used against home users, this will allow attackers to get a higher number of victims.
2. Multiple attacks against banks. Banks in the region will face the new reality of multiple attacks with hybrid attack vectors and techniques that will allow cybercriminals to subtract large amounts of money directly from the bank's assets. Fintechs can also be targets of these attacks, which can use “insiders” (employees with knowledge of the internal infrastructure, who collaborate with the attackers). We will also see the adoption of malicious technologies for ATMs, as well as internal servers and other stations within the networks of banking institutions.
3. Covert military cyber operations in the region in order to subtract confidential information from neighboring states. Although this practice has existed for at least the last 5 years, its proliferation will be even greater. Even states that do not have their own scientific potential for developing advanced threats at home will already be on the battlefield, using third-party weapons acquired from different companies specializing in the development of spy platforms.
4. Adoption of international mobile malware builders and preparation of regional models in Spanish and Portuguese. This tactic will give cybercriminals an advantage over mobile infections by installing different types of malware onto the Android platform, from Bankers to Ransomware/Lockers, which demand money through conventional or electronic payment systems. Social engineering will be the main vector to infect devices with mobile malware.
5. Increase in attacks on small and medium-sized companies, particularly those dealing with point-of-sale (PoS) systems, in particular those responsible for processing chip and PIN-protected card transactions. Cybercriminals will look for new ways to continue cloning credit and debit cards despite protections implemented under the EMV standard.
6. Attacks on cryptocurrency systems and users and mining abuses for their generation. The rise in the value of cryptocurrencies has captured the attention of cybercriminals and this has caused an increase in the number of malware designed for theft. Web pages created for this purpose or compromised will also be discovered, being used to abuse the hardware resources of the computers of users who visit these sites for the generation or mining of cryptocurrencies. This type of threat is undetectable to some extent and only under certain circumstances will users be able to realize why their computer might be “slow”. This threat has not only been discovered on websites but also on some Android apps.
7. Security and privacy loopholes in connected devices. The Internet of Things (IoT) will become more relevant in the IT security landscape through the massive inclusion of smart devices in homes, making them part of our lives on a constant basis. According to Thiago Marques, security analyst at Kaspersky Lab, “the vulnerabilities in this type of device will pose not only a security issue, but a privacy issue and debates about the limits within which a device can access our private information. From medical implants to connected cars, there will be countless possibilities for attackers to find new ways to carry out their attacks.”
Finally, let's not forget that the FIFA World Cup, which will be held in Russia next year, is coming. With that, there will be many types of attacks starting with trivial attacks like phishing followed by malware, DDoS attacks and other attacks like ATM theft. This global event will boost cybercriminal attacks in the region – which, unfortunately, will result in many victims.
To protect your information and devices from cybercriminals, Kaspersky Lab analysts advise you to:
– Use the security features that come with your devices: Set up a strong password and keep your software up to date. Not just on phones and computers, but on everything connected.
– Be selective when choosing a smart device. Ask yourself: does this really need an internet connection? If the answer is yes, take the opportunity to understand the device options before buying. Don't trust everything: if you don't know the address, content or link of an email/post/instant message or a suspicious link, don't click on it. If it looks like it comes from someone you know, check with that person first.
– Remember that banks and online payment systems will never ask you to verify all your credentials in a single message. If you receive a request that appears to be from them, reach out to them first.
– Install apps from well-known stores, created by renowned developers.
– Complement OS/device security with additional software especially to keep your family, business and finances safe.
According to Kaspersky Lab's analysis, 2017 has been an interesting year for Latin America and almost all of the predictions they presented about cyber attacks, published in November 2016, came true in the regional scenario. The year featured different financial attacks such as Ploutus, Ice5, Prilex, among others.
The WannaCry and NotPetya attacks put many companies in check, not only in European countries, but also in Latin America. In addition, the increase in techniques imported and adopted regionally continues to be observed, such as the use of powershell in LNK files for their propagation.
According to Fabio Assolini, senior security analyst at Kaspersky Lab, 2018 will be a more complex year from the point of view of the diversity and scope of attacks.
“Of course, the targets will not only be end users, but also their hardware and service providers. For example, we believe that financial service providers will have to deal with situations that have not been seen before”, says the analyst.
What awaits us in 2018? Will we continue with the same attack scenario or will something change? Below are the Kaspersky Lab Latin America research and analysis team's exclusive forecasts for the region:
1. Adoption and use of targeted attack techniques (APTs) in cyber attacks against end users. Cybercriminals in the region will continue to closely monitor reports of targeted attacks and copy the techniques used by attackers to infect end-user devices. In such a scenario, where advanced cyber arsenal is used against home users, this will allow attackers to get a higher number of victims.
2. Multiple attacks against banks. Banks in the region will face the new reality of multiple attacks with hybrid attack vectors and techniques that will allow cybercriminals to subtract large amounts of money directly from the bank's assets. Fintechs can also be targets of these attacks, which can use “insiders” (employees with knowledge of the internal infrastructure, who collaborate with the attackers). We will also see the adoption of malicious technologies for ATMs, as well as internal servers and other stations within the networks of banking institutions.
3. Covert military cyber operations in the region in order to subtract confidential information from neighboring states. Although this practice has existed for at least the last 5 years, its proliferation will be even greater. Even states that do not have their own scientific potential for developing advanced threats at home will already be on the battlefield, using third-party weapons acquired from different companies specializing in the development of spy platforms.
4. Adoption of international mobile malware builders and preparation of regional models in Spanish and Portuguese. This tactic will give cybercriminals an advantage over mobile infections by installing different types of malware onto the Android platform, from Bankers to Ransomware/Lockers, which demand money through conventional or electronic payment systems. Social engineering will be the main vector to infect devices with mobile malware.
5. Increase in attacks on small and medium-sized companies, particularly those dealing with point-of-sale (PoS) systems, in particular those responsible for processing chip and PIN-protected card transactions. Cybercriminals will look for new ways to continue cloning credit and debit cards despite protections implemented under the EMV standard.
6. Attacks on cryptocurrency systems and users and mining abuses for their generation. The rise in the value of cryptocurrencies has captured the attention of cybercriminals and this has caused an increase in the number of malware designed for theft. Web pages created for this purpose or compromised will also be discovered, being used to abuse the hardware resources of the computers of users who visit these sites for the generation or mining of cryptocurrencies. This type of threat is undetectable to some extent and only under certain circumstances will users be able to realize why their computer might be “slow”. This threat has not only been discovered on websites but also on some Android apps.
7. Security and privacy loopholes in connected devices. The Internet of Things (IoT) will become more relevant in the IT security landscape through the massive inclusion of smart devices in homes, making them part of our lives on a constant basis. According to Thiago Marques, security analyst at Kaspersky Lab, “the vulnerabilities in this type of device will pose not only a security issue, but a privacy issue and debates about the limits within which a device can access our private information. From medical implants to connected cars, there will be countless possibilities for attackers to find new ways to carry out their attacks.”
Finally, let's not forget that the FIFA World Cup, which will be held in Russia next year, is coming. With that, there will be many types of attacks starting with trivial attacks like phishing followed by malware, DDoS attacks and other attacks like ATM theft. This global event will boost cybercriminal attacks in the region – which, unfortunately, will result in many victims.
To protect your information and devices from cybercriminals, Kaspersky Lab analysts advise you to:
– Use the security features that come with your devices: Set up a strong password and keep your software up to date. Not just on phones and computers, but on everything connected.
– Be selective when choosing a smart device. Ask yourself: does this really need an internet connection? If the answer is yes, take the opportunity to understand the device options before buying. Don't trust everything: if you don't know the address, content or link of an email/post/instant message or a suspicious link, don't click on it. If it looks like it comes from someone you know, check with that person first.
– Remember that banks and online payment systems will never ask you to verify all your credentials in a single message. If you receive a request that appears to be from them, reach out to them first.
– Install apps from well-known stores, created by renowned developers.
– Complement OS/device security with additional software especially to keep your family, business and finances safe.
EN 
PT 
