Emerging Cyber Threats

With the increasing adoption of digital technologies across the country, authorities must expedite modernization of law enforcement agencies at the Central and state levels besides building an integrated cybercrime management infrastructure. Here are some of the Cyber threats we must know about.

ATM Attacks: Jackpotting

Jackpotting is the most sophisticated form of exploiting automatic teller machines (ATMs) and is a new entrant to the cybercrime radar. This approach involves infecting an ATM with malicious software. Any early form of this type of attack involved the transfer of malware to the ATM on a USB through an interface portal. Hence, modes of infiltration are becoming more effective and necessitate less involvement of the hacker.

Crypto Jacking

The year 2018 witnessed a rise in crypto-jacking, a technique which leverages malware or other means to infect an end-user’s computers with software that hijacks the systems’ resources and sets them to mine cryptocurrencies. In 2019, this effort is likely to accelerate again, as hackers try to compromise cloud administrator accounts using new or known vulnerabilities, by phishing for administrator credentials. Hackers are likely to exploit these accounts by running mining software to mine cryptocurrency and may remain undetected for a considerable amount of time.

AI for Cyber Criminals

AI’s limited usage era in our day to day life has ended. Its presence is ubiquitous with the emergence of never seen cyber risks. Hackers are capable to infect organizations’ systems using smart AI-powered malware. This malware may remain undetected and propagate inside the network and may be able to gather information about users’ behaviors and organizations systems. While a few examples of the attacks using AI have been seen in the form of bypassing CAPTCHA systems, improving the accuracy of phishing, developing highly evasive malware, etc.

Form Jacking

The use of malicious JavaScript code to steal credit card details and other sensitive information from payment forms on the web pages of e-commerce sites or any other site with payment section is termed as form jacking. Form jacking has increased dramatically since mid-August 2018. Almost 50,000 retailer websites are compromised last year by a hacker group called as Magecart which inserted malicious code into their websites to steal payment card information of thousands of customers.

Ransom Hack

A new type of cyberattack called a ransom hack has been observed in recent times. In case of a traditional ransomware attack, customer data is held hostage until the ransom is paid, however, in case of ransom hack, data is not released even if the ransom is paid.

Targeting End Citizens

Majority of the attacks globally are developed with a motive to dupe gullible end citizens, exploiting their lack of awareness and weak security preparedness while using ICT systems. The impact has evolved from data breaches in availing services to jeopardizing end citizens’ life in the context of smart cities.