What’s in store for 2021? Vaccine scams and deepfake distractions
A global digital security company has released a dire prediction about 2021, warning vaccine scams, cyber attacks on home offices and deep-fake disinformation campaigns will dominate the year.
Prague-based cybersecurity company Avast issued an alert after spotting rising trends across the disarray of the past year.
Across the past 12 months, a worldwide pandemic has killed hundreds of thousands and infected millions, sending many cities and countries into long-lasting lockdowns.
On top of that, there have been increasing concerns about global warming, and a chaotic American election to sit through.
With more people sitting at home on their laptops, Avast’s threat labs team lead Jakub Kroustek believes those conditions mean cybersecurity issues will remain a major problem in 2021.
The company also raised concerns about the reliance of smartphones, saying they would become an increasingly popular target for adware, stalker-ware and fleece-ware.
Watch out for vaccine scams
The world’s first official Covid-19 vaccine began rolling out in the UK just this week.
But that means scammers are also offering cures of their own.
Kroustek says fake Covid-19 shops have been circulating since the beginning of the pandemic, but he’s predicting a surge in scams via faux sales websites and ads placed on social media platforms.
“If people see vaccination offerings circulating on the internet, they need to keep in mind that the sale is likely too good to be true, as vaccinations should be distributed through official sources only,” warned Kroustek.
“Instead of falling for shady scams, people should trust their local doctors and medical institutions for Covid-19 information and vaccinations.”
The downside to working from home
As lockdowns began being enforced to curb the spread of Covid-19, many gave up on their office cubicle and started working from home.
That trend looks set to continue, with businesses giving up the rent on expensive inner-city buildings and instead trusting staff to get the job done from the comfort of their couch.
Kroustek predicts a rise in cyber-attacks on weak home office infrastructures is coming.
“Companies … will be at risk of falling victim to targeted attacks via their VPN infrastructure and remote desktop applications they may be using to connect employees working from home,” he says.
The goal of hackers, he says, is to spy on confidential information and steal intellectual property and customer data.
He also warned that ransomware attacks on healthcare providers would increase, with the aim of extracting sensitive customer information for blackmail purposes and “industry espionage”.
“Individuals … should be wary of scams, specifically around the topic of vaccinations,” he said.
Deepfakes and disinformation are here to stay
During the American election, deep-fake videos circulated on what seemed like a daily basis – and many were of such high quality it was very easy to believe they were real.
Avast’s AI Research Director Petr Somol says deep-fake technology is so advanced that techniques for creating one can be learnt in just a few minutes.
That means there’s going to be more of them next year, and they’ll be better than ever before.
“Deepfakes will likely reach a quality next year where they can be actively used in disinformation campaigns,” says Somol.
“Conspiracy theories about the coronavirus, such as its alleged spread via 5G, could be re-emphasised via deepfake videos, for example wrongly showing politicians as conspirators.
“The pandemic, the resulting increase in people working from home, and higher reliance on online connectivity, as well as the growing economic pressure, combined with uncertainty among people, are likely to feed into the effectiveness of the use of deepfakes to spread disinformation.”
Keep an eye on your phone
Adware remains an aggressively popular way for cyber-criminals to make money.
Fleeceware, a subscription scam, is also on the rise, as is stalkerware, apps installed by third parties to spy on people.
All of these things sound dodgy, are dodgy, and will continue to be dodgy in 2021.
“There will always be a loyal user base in the stalkerware field,” says Ondrej David, Avast’s mobile malware analysis team leader.
“The cybersecurity industry has continued to raise awareness around the issue of stalkerware in 2020 which may help prevent further growth in stalkerware attacks at the end of this year and in 2021 as the authors and operators may be waiting for the hype to die down before they can drive new campaigns,” he says.
“The primary modus operandi for this category of threat is, after all, stealth … a lot more effort needs to go into the field of detecting such unwanted apps.”
We think you might these:
NZ Cyber Security update
Twitter hack exposes the biggest cybersecurity weakness – us
DDoS attacks a big warning against complacency on cybersecurity – RedShield
Talking to Michael Howard, Cyber Security Innovator
Red Hat is the world’s leading provider of enterprise open source solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies.
Compliance and Vulnerability
Cloud compliance is the general principle that cloud-delivered systems must be compliant with standards that the cloud customers face. Essentially, cloud customers need to look at the effective security provisions of their vendors the same way they would look at their own internal security. They will need to figure out whether their cloud vendor services match the compliance that they need. There are several ways to go about this. In some cases, companies can just look for vendors that certify compliance, and choose their services without any further input. However, sometimes clients may need to actually get involved in accessing the cloud vendor's security, to make sure that it complies with the industry standards and regulations.