AhnLab (www.ahnlab.com) has released the 'Five Cyber Security Threat Prospects for 2021' by summarizing the major security threats expected in 2021.
The 'Five Cyber Security Threat Prospects for 2021' announced by AhnLab is ▲ increasing targeted ransomware attacks ▲ increasing security threats in non-face-to-face work environments ▲ diversifying language for creating malicious codes ▲ modularizing functions of malicious codes ▲ globalization of malicious app distribution, etc. to be.
Han Chang-gyu, executive director of the AhnLab Security Response Center, said, “In 2021, the digital-centered daily life triggered by Corona 19 will spread more.” It is necessary for all members, including companies and users, to increase security awareness.”
Last year, there were a number of targeted ransomware attacks that performed double threats by analyzing the vulnerabilities of certain companies and institutions and executing information leakage and file encryption at the same time. AhnLab predicts that targeted ransomware attacks will increase in 2021. In addition, it added that different attacker organizations may join forces to jointly execute advanced ransomware security threats to increase the success rate of attacks against specific targets.
The transition to a non-face-to-face work environment to prevent COVID-19 infection is expected to continue this year. Attackers are expected to launch various security threats, such as 'phishing mail disguised as work mail' and 'smishing using issue keywords', targeting individuals and small and medium-sized enterprises with weak security aiming at such a non-face-to-face business environment. In particular, in a non-face-to-face work environment where security management for individual members is important, small and medium-sized businesses that have difficulty with security experts are more likely to suffer hacking damage, the company explained.
AhnLab predicts that in 2021, attackers will use various programming languages to widen the operating environment of malicious codes and avoid tracking them. Currently, many malicious codes are produced in popular programming languages such as C, C++, Visual Basic, Delphi, and C#. However, malicious codes made in relatively recent programming languages such as Python and Go have appeared one after another. Since such malicious codes have a different form and structure from existing malicious codes, a separate analysis method may be required. In addition, it is expected to diversify the language for creating malicious codes in order to operate malicious codes in a new environment that is frequently used in recent years.
In the conventional method in which one malicious file performs all malicious actions, it is expected that the modularization of functions of malicious code that performs malicious functions such as communication with C&C server, information leakage, and file creation in each file will increase. If the malicious code is divided into several files and operates, it may be difficult to grasp the exact flow of each malicious behavior and attack with only single file information. In order to interfere with the detection of malicious code, the attacker is expected to launch an attack that avoids detection by modularizing malicious code functions.
Recently, the use of global content and services such as overseas content apps and overseas direct purchase apps by smartphone users is becoming more common. Therefore, if an attacker impersonates a well-known global app, a wide range of attacks can be performed against users from various countries at once. The company emphasized that users who frequently use overseas services must comply with security rules such as installing smartphone vaccines and installing apps only through official channels.
0 Comments