Investment applications, online financial data processing tools and decentralized cryptocurrency platforms will most likely be targeted by the “financially motivated cyber threat actors” next year, leading cybersecurity company Kaspersky claims.
Financial cyber threats and attacks are some of the most dangerous or damaging ones, as they often result in the “direct financial losses for victims,” Kaspersky noted, while sharing predictions on the potential growth of the cyber threat landscape in the global financial industry.
Mobile-based investment apps have become increasingly popular among users, however, many of these software applications don’t have the best security features in place, which includes properly implemented two-factor (2FA) or multi-factor authentication. According to Kaspersky, this could lead to cyber attackers targeting unsuspecting users of these apps.
Kaspersky also mentioned that there’s a fair chance (in 2020) of a significant increase in the “activity of groups specialized in the criminal-to-criminal sale of network access to banks in the African and Asian regions, as well as in Eastern Europe.”
The intended target for these groups is most likely small financial institutions and firms that were recently acquired by larger enterprises that are “rebuilding their cybersecurity system in accordance with the standards of their parent companies.”
Certain banks might also be targeted with various types of ransomware attacks since organizations like traditional financial institutions might be more likely to pay a ransom than accept data loss or compromise other private user information, Kaspersky argued.
Yuriy Namestnikov, security researcher at Kaspersky, stated:
“With 2020 on the horizon, we recommend security teams in potentially affected areas of the finance industry to gear up for new challenges. There is nothing inevitable in potential upcoming threats, it is just important to be properly prepared for them.”
Attackers that target digital payment processing platforms are expected to grow in number as JS-skimming (stealing private data from payment cards from e-commerce sites) has become increasingly common among attackers. Companies offering services such as e-commerce as-a-service could face the most damaging attacks, Kaspersky says.
India’s cybersecurity industry is projected to expand from $1.97-billion this year to $3.05 billion by 2022, at a CAGR of 15.6%, which is nearly 1.5x greater than the global average, according to a recent report by Big Four auditing firm PwC and India’s Data Security Council.