Here are the predictions by another cybersecurity firm, based on data from its ecosystem of 400 million users.

Next year, the world will observe state-sponsored groups targeting the cryptocurrency industry, while cybercriminals will take advantage of investors by fabricating rogue wallets with backdoors included, according to predictions by Kaspersky experts.

On top of that, we are likely to witness the growth of attacks against payment systems and more advanced mobile threats.  

According to Dmitry Bestuzhev, Head of the firm’s Global Research and Analysis Team (GReAT) in Latin America: “This year has been challenging for many organizations: handling remote access for ad-hoc employees; patching hard systems connected to the Internet to endure ransomware attacks; dealing with a substantial increase of mobile banking and its malware implants. We have watched very regional cybercriminals shifting to other world regions making cybersecurity people work harder.”

In a developing landscape of financial threats, Bestuzhev hoped to share his firm’s expertise to help businesses become prepared from the following anticipated threats:

  • Targeted cryptocurrency attacks will grow: As cryptocurrency is a digital asset and all transactions take place online, it offers anonymity to users. These are attractive features for cybercrime groups. However, not only cybercriminal organizations but state-sponsored threat actors have and will continue to target this industry.
  • Hardware-based crypto threats from flawed security and fake hardware wallets: While cryptocurrency attacks are becoming more targeted, cybercriminals will keep coming up with new ways to steal investors’ financial assets. In the case of cryptocurrency investment opportunities, Kaspersky researchers have concluded that cybercriminals will take advantage of manufacturing and retailing rogue devices with backdoors, followed by social engineering campaigns and other techniques to steal financial assets. 
  • Acceleration and consolidation of infostealers: Cybercriminals will leverage the simplicity, affordability, and effectiveness of infostealers to target financial assets, at least as a first-stage data collector. Different threat actors will take advantage of such malware to profile victims for further attacks. It includes but is not limited to targeted ransomware attacks, traditional targeted attacks, and others. 
  • More mobile malware development and consolidation: Pandemic-stimulated mobile banking, which also has become more mature, will attract more mobile banking trojans for the Android platform, especially remote access tools that can circumvent the cybersecurity measures adopted by banks such as OTP and MFA. Local and regional threat groups will expand globally, exporting attacks to Western Europe and other countries worldwide. 
  • Ransomware to become more targeted and more regional: With the international efforts to crack down on major targeted ransomware groups, expect to see a rise in small regionally-derived groups focused on regional victims.
  • Greater uptake of open banking may lead to more opportunities for cyberattacks: As most of the Open Banking systems are based on the use of application programming interfaces and Web API queries performed by financial institutions, expect more attacks against them, as pointed out by Gartner.
  • Online payment systems will be under fire: The longer people stay at home because of quarantines and lockdowns, the more they rely on online markets and payment systems. However, this rapid shift has not been accompanied by the appropriate security measures, and it is attracting more cybercriminals. This issue is particularly severe in developing countries, and the symptoms will last for a while.
  • Fintech apps and increasing volumes of financial data will attract cyber threats: Thanks to online payment systems and fintech applications, lots of important personal information is stored on mobile. Many cybercrime groups will continue to attack personal mobile phones with evolved strategies such as deep fake technology and advanced malware to steal data.
    Remote-working, online games and trendjacking continue to attract threats: In 2020, the number of gamers surpassed 2.7bn, with the Asia Pacific region becoming the most active region. Remote-workers have relied on corporate laptops to play video games, watch movies and use e-learning platforms. This behavior was easy to identify because there was a boom in the mobile graphic cards market in 2020–2021 compared to previous years. This trend is here to stay, with a substantial proportion of remote workers continuing to work anywhere at least part of the time, they will continue to be targeted. Cybercriminals will spread malware and steal logins, in-game items, payment information and more through the use of popular video games. In addition, Hollywood blockbuster movies have become the perfect lure for those desperate to watch a film before it is released.

Finally, cybercriminals are raring to restart ATM/PoS attacks. During the pandemic, some locations saw PoS/ATM transaction levels drop significantly. Lockdowns forced people to stay at home and make purchases online, and this was mirrored in PoS/ATM malware too.

As restrictions are lifted, we should expect the return of known PoS/ATM malware projects and the appearance of new projects. Cybercriminals will regain their easy physical access to ATMs and PoS devices at the same time as customers of retailers and financial institutions.