Ongoing trade wars will see state-sponsored cyber-attacks gain momentum, while new and emerging technology across 5G, IoT, drones and autonomous systems will expose governments and businesses to new threats and risks.
Trade wars will bring new impetus to cybercrime
Recent confrontations between US-China and Japan-South Korea will create a race for geopolitical supremacy and fuel cyber-warfare. Strategies such as new tax regimes and injunctions against companies from competing nations will only increase the involvement of state-sponsored cybercriminals seeking to further their own industries and political agendas. During the conflict between Huawei and the US government, Huawei blamed the US government for launching systematic attacks to infiltrate its networks and possibly harass its employees. A precursor to this was the US government’s banning of Huawei’s products due to security-related issues.
Recently, in November 2019, to gain an unfair edge in the ongoing trade war, suspected Chinese hackers breached the IT systems of the National Association of Manufacturers (NAM), a US manufacturing group with deep ties to the US government.
Conflicts amongst nations will fuel cybercrime
Geopolitical supremacy, war hysteria and historical differences will spur state-sponsored hackers to accelerate their cyber-attack campaigns. Social hacktivists, political parties and large corporations will be drawn to cybercrime as a means of achieving business and political objectives, thus fueling the expansion of the paid hackers’ economy.
Japan and South Korea’s relationship deteriorated rapidly early this year over wartime issues and bilateral trade differences. The acrimony has spilled into the cyber and defense arenas, with South Korea terminating its bilateral military intelligence pact with Japan in August and Japan retaliating by relegating South Korea to a diminished position.
Hackers will recycle and reuse existing attack vectors for new cyber-attacks
The entry of new nations such as Vietnam, Iran, Brazil and Spain into cyberwarfare will create new complexities for cyber defenders. Based on CYFIRMA’s research, hacking groups from these nations are employing a low-cost modus operandi, reusing old vulnerabilities and existing malware to make quick gains in furthering their state-sponsored agenda.
CYFIRMA’s intelligence observed a suspected Vietnamese state-sponsored group, OceanLotus, exploiting old vulnerabilities and using existing malware to attack opinion leaders, influencers, banks, media houses, real estate agencies and foreign enterprises across several countries including China, Laos, Thailand and Cambodia.
Hacking as a business
Nations starved of financial resources will continue to weaponize cyberattacks as their new business model to propel their economy. In addition to direct financial gains, the focus will also extend to providing hacking-as-a-service to other nations and corporations. Lazarus Group, suspected to be affiliated with the North Korean government, attacks for financial and political gains. Such hacking groups can be hired by other nations and organizations to launch large-scale cyber-attacks.
In the ongoing Japan-South Korea spat, CYFIRMA observed ‘hacker-for-rent’ profiles from North Korea and Russia being employed to launch cyber-attacks against Japanese companies, especially those in the semiconductor, education, press & media, technology, tourism, cosmetic, and food & beverages industries.
Expansion of cyber sleeper cells
There is a race amongst state-sponsored hackers to create a bigger footprint of implants by hacking into other nations’ systems, with the aim of creating launching pads for future cyber-attacks. Developed and developing nations are continuously hunting for and expanding their cyber assets, to be used as ammunition for next-generation all-out cyberwarfare and global conflicts.
Cyber-criminals engineering public opinion
Cyber-criminals are actively involved in changing the social and economic configuration of society by influencing public opinion, including tampering with state elections. CYFIRMA threat intelligence revealed escalating interest from hackers in other parts of the national apparatus such as social stratification, government policies, rating-ranking agencies and other decision-making bodies.
Global sporting events attract hackers’ interest
International sporting events such as the Tokyo 2020 Olympic Games will see a change in attack vectors, with hackers showing increased interest in sporting companies, games sponsors, the organizing committee and critical infrastructure agencies of the host nation.
Malware attacks will be increasingly complex
Launching malware attacks for sensitive data exfiltration will continue to be an area of focus for hackers. Multi-homed malware attacks with the ability to change their behavior based on environment, systems, applications and instructions will challenge organizations. New variants of ransomware will not only encrypt data and demand a ransom but could also reincarnate themselves as data exfiltration malware. Self-generating and self-destroying worms will be heavily deployed by cyber criminals. These are some of the key challenges that will keep cyber-defenders on their toes.
Cyber-criminals are about to have a quantum leap
Quantum computing is receiving increased interest in the hacking community. The technology will accelerate the compromise of cybersecurity schema such as public key infrastructure, complex cryptography, encryption and integrity algorithms in a matter of seconds. The rise of state-sponsored actors could mean malevolent nations facilitating easy access to quantum computing resources to arm cyber-criminals.
Emerging and Elastic Attack Surface
Hackers will continue to advance their attack vectors using emerging technologies such as 5G, Internet of Things (IoT), Autonomous Critical Infrastructure, Artificial Intelligence, Industry 4.0, Cryptocurrency, Cloud, Virtual Reality (VR), Augmented Reality (AR) and Drones.
The following illustrates the increased vulnerabilities brought about by these emerging technologies:
- Adoption of 5G will not only increase the speed of connectivity and value-added services for consumers, but will also exponentially increase the speed, impact and exposure of cyber-attacks;
- Taking the trend forward from 2019, hackers will start to target IoT Command Centers and protocols in addition to IoT devices and sensors;
- CYFIRMA’s intelligence research indicated a tussle for technological supremacy among hacking groups. The use of automated systems, especially during the reconnaissance phase of a cyberattack to collect vulnerable targets, is the new trend;
- Increased usage of machine learning and AI technologies by hackers has resulted in attempts at creating self-generating malware and exploits;
- Autonomous critical infrastructure, digitalization of ecosystems and NextGen industrial controls will constitute a growing attack surface that cyber attackers could leverage to inflict significant damage;
- Industry 4.0 coupled with predictive supply chain, digitization and interconnected entities will provide radical new opportunities for cybercriminals as risks posed by cyber-threats will become extensive and expensive to manage;
- New attack vectors like identity theft, fraudulent transactions, asset theft, impersonation, injection of malicious code, bypassing the onboarding and off-boarding of accounts and fictitious applications will be used by cyber-criminals to attack financial institutions, cryptocurrency exchanges, trading platforms and retail organizations;
- Cloud containers will be targeted by hackers to potentially access clients’ data and IT assets. Cloud computing has created many blind spots for companies and continues to pave the way to multiple intentional and unintentional data leaks;
- Cyber-criminals could attempt to exploit potential vulnerabilities in VR/AR systems, resulting in illegal recording, theft of user data, interjection of information, hijacking and taking control remotely, sabotaging and using fake VR applications to exfiltrate identity and behavioral data;
- The proliferation of drones in personal lives, the business spectrum and defense establishments has created a new attack vector which cyber criminals can exploit to obtain private data and much more.
Cybersecurity hygiene is everybody’s responsibility, including individuals, companies, institutions and governments. With the changing threat landscape and hackers finding new ways to target them, organizations need to adopt a new and proactive approach to cybersecurity. CYFIRMA recommends the following:
- Cyber threat intelligence should become the center of cyber posture management and risk management;
- A multi-layered, intelligence-based approach covering Strategic (WHO and WHY), Management (WHAT and WHEN) and Operational (HOW) intelligence should be incorporated;
- Holistic consumption and integration of cyber threat intelligence into other verticals of cyber posture management is essential; and
- Deeper insights into global and local cyber events should drive real-time situational awareness.
Headquartered in Singapore and Tokyo, CYFIRMA is a leading Predictive Cyber Threat Visibility & Intelligence Platform company. Its cloud-based AI and ML powered Cyber Intelligence Analytics Platform (CAP) v2.0 helps organizations proactively identify potential threats at the planning stage of cyberattacks, offers deep insights into their cyber landscape, and amplifies preparedness by keeping the organization’s cybersecurity posture up-to-date, resilient, and ready against upcoming attacks. CYFIRMA works with many Fortune 500 companies. The company has offices and teams located in Singapore, Tokyo, and India.