According to researchers from global cybersecurity and anti-virus brand Kaspersky, JS-skimming, which is the method of stealing of payment card data from online stores, has gained immense popularity among attackers over the years. Their latest report said that they are currently aware of at least 10 different actors involved in these types of attacks.
Their number will continue to grow during the next year, the report said, adding that the most dangerous attacks will be on companies that provide services such as e-commerce as-a-service, which will lead to the compromise of thousands of companies.
The researchers have warned that more cybercriminal groups will target the online payment processing systems in 2020.
“This year has been one of many important developments. Just as we predicted at the end of 2018, it has seen the emergence of new cybercriminal groups, like CopyPaste, a new geography of attacks by Silence group, cybercriminals shifting their focus onto data that helps to bypass anti-fraud systems in their attacks,” Yuriy Namestnikov, Security Researcher at Kaspersky, said in a statement.
“Behavioural and biometrics data is on sale on the underground market. Additionally, we expected JS-skimmer base attacks to increase and they did. With 2020 on the horizon, we recommend security teams in potentially affected areas of the finance industry to gear up for new challenges,” Namestnikov said.
Additionally, cybercriminals are also going to target mobile investments apps that have become popular among users around the globe. Not all of these apps utilise best security practices, like multi-factor authentication or protection of the app connection, which will give cybercriminals an easy way to target users of such applications.
Kaspersky researchers also expect an increase in the activity of groups specialised in criminal-to-criminal sale of network access to banks in the African and Asian regions, as well as in Eastern Europe. Their prime targets are small banks, as well as financial organisations recently bought by big players who are rebuilding their cyber-security system in accordance with the standards of their parent companies.
As banking institutions are more likely to pay a ransom than accept the loss of data, they will increasingly become victims of targeted ransomware attacks.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
