MENU
GET LISTED
GET LISTED
SHOW ALLPOPULAR CATEGORIES
  • Home
  • B2B News
  • 16 Latest Cybercrime Trends & Predictions for 2020 and Beyond

16 Latest Cybercrime Trends & Predictions for 2020 and Beyond

Category: B2B News

There’s perhaps nothing more cumbersome than having your website hacked or your personal data stolen online. It takes hours to restore a compromised website to its normal operation, and that could mean financial loss for you if your business relies heavily on the web. Hacking, phishing, malware attacks–all these cybercrime trends are affecting millions of businesses daily, and no one is safe from them.

As technology keeps evolving at a rapid pace, so do cybercrooks. Apart from newer forms of cyber threats, even the oldest tricks in the book are not completely useless for these cybercriminals. They take these tricks out of the box and make modifications and updates to bypass security measures especially created for them. Further in this article, we present the latest cybercrime trends that we all have to watch out for.

cybercrime trends main web

From 2013 to 2016, cyberattacks have already cost businesses about 5 billion US dollars. This proves the damaging impact of cybercrimes that goes across several industries all over the world. Additionally, cyber crimes are directly affecting innovation, jobs, economic growth, and investments.

In most cases, a breached company or organization is more than likely to lose even its most loyal customers. A survey by Gemalto reveals that exposure or theft of customers’ personal data will harm the relationship of the breached organization with its customers. With the rise in cybercrime, there are free IT security solutions that you can try, but investing in IT security can pay off so much more than what it’s worth.

Frequency of successful attacks per year

Percentage of successful attacks

2015

2016

2017

2018

2019

Source: Imperva (2019)

Designed by

However, tighter security is sometimes still not enough to guarantee immunity from cyberattacks. With the changing nature of cyber threats, cyber attackers are always one step ahead of existing security measures. Awareness of how these attacks take form can do wonders, though. In the following section, we provide a more comprehensive discussion of the latest cybercrime trends affecting various industries.

1. Rise in ransomware attacks

Ransomware remains as one of the biggest threats on the web today. First coming into the fore in 2017 with the effects of global campaigns NotPeya and WannaCry, reports show that the number of ransomware attacks doubled this year. Although cybercrime trends of ransomware attacks seemed to fall out of favor with hackers in the past years, it is on the rise again as cybercriminals discover code innovations and newer and more targeted approaches.

According to the McAfee Labs Threats Report for August 2019, there is a 118% rise in ransomware attacks in the first quarter of 2019. To combat ransomware attacks, there are several decryption tools available in the market, but developers of ransomware see to it that they continue to always be one step ahead by releasing new versions of malware.

Rise in ransomware trends highlights

  • The number of ransomware attacks doubled this year.
  • Decryption tools are available but not enough to combat newer versions of the malware.
  • 2019 saw a 118% rise in ransomware attacks.

2. Attacks during the workweek

The sophistication of cybercrime activities continue to evolve, and reports find that cybercriminals stick to the pattern of attacking during the workweek. A comparison of web filtering volume for two cyber kill chain phases found that pre-compromised activities are more likely to occur during the weekdays.

Employees receive about five phishing emails per workweek, according to a new report by Avanan. While employees are always busy with the number of emails they receive every day, they become easy targets of phishing attacks disguised as a regular email. These exploitation activities require someone else taking an action, such as employees taking the bait of phishing e-mails and thus the fewer attacks during the weekends.

To fight security threats, there are several IT security software solutions available in the market today. Here are some examples of them.

Attacks during the workweek

IT security software solutions examples:

  1. ManageEngine Firewall Analyzer: ManageEngine Firewall Analyzer is a configuration management solution. The software is designed to provide network activity insights while monitoring firewall logs.
  2. ManageEngine ADSelfService Plus: ManageEngine ADSelfService Plus is a web-hosted end-user password reset management solution. The software comes with tools such as self-service password reset, manage account unlock, and password/account expiry notification.
  3. EventLog Analyzer: EventLog Analyzer is a tool to ensure that data is secured for forensic analysis and compliance audits. It also enables log import from a local/remote host through HTTP/HTTPS and FTP.
  4. Cloudflare: Cloudflare is a network security solution and a CDN service. The software is equipped with web content optimization tools used in the public and private sectors.
  5. Malwarebytes: Malwarebytes is a security software that combats malware, ransomware, threats, and infected sites. The software includes several protection modules helpful in running comprehensive scans.

Attacks during the workweek trends highlights

  • Cybercrime activities are more prominent during the workweek.
  • Employees are easy targets for phishing e-mails.

3. Countries most affected by mobile malware

In the first quarter of 2019, Pakistan, Iran, and Bangladesh top the list of countries with most mobile malware attacks. The report shows that more than one-third of mobile users in Pakistan experienced a mobile malware attack. Iran and Bangladesh follow closely behind, with 31.55% and 28.38% respectively of mobile users reporting mobile malware.

Users of mobile devices last 2018 saw the strongest cybercriminal onslaught as of yet. Reports detect that virus writers seem to focus more on attacks on bank accounts via mobile devices, droppers (Trojan-dropper) designed to bypass detection, adware apps, and apps that can be used by cybercriminals to cause damage.

Countries most affected by mobile malware

Percentage of mobile users attacked

Pakistan

Iran

Bangladesh

Algeria

Nigeria

Source: Statista Research Department (2019)

Designed by

Countries most affected by mobile malware trends highlights

  • Pakistan, Iran, and Bangladesh are the countries with most mobile malware attacks.
  • Virus writers attack via compromising bank account frauds, droppers (Trojan-dropper) designed to bypass detection, adware apps, and apps that can be used by cybercriminals to cause damage.

4. Cyberactivism

Cybercrime is no longer just for thieves. Cyberactivists are now also contributing to the vast amount of cybercrimes that happen daily. Modern activist movements consider cyberactivism as a significant milestone. And according to cybersecurity analysts, hacktivism shows no signs of stopping this year and in the years to come.

Cyberactivists are the online equivalents of protesters fighting for a particular agenda. One of their main purposes is to interrupt the website operations of a company or an organization as a way of getting across their messages to the higher-ups. Another motive is to spread awareness about a company’s bad practices.

One such example of cyberactivism is the infamous attack on PayPal and MasterCard. In 2010, a group of cyber activists who claimed to be part of Anonymous executed a DDoS attack on Paypal in response to Paypal’s shutdown of payment services to WikiLeaks. Cyberactivism is expected to grow in the coming years and affect business sales and revenues.

Cyberactivists trends highlights

  • Cyberactivism is expected to grow in the coming years.
  • Cyberactivism can be a vehicle for desired social change.
  • Cyberactivists also contribute to the number of cybercrimes every year.

5. AI and IoT in cybercrime

AI goes both ways in cyberspace: it can both be a blessing and a curse. With the advent of IoT devices, AI is predicted to commit more cybercrimes than actual people in the year 2040. AI and IoT are gradually making things easier for cybercriminals. Any device that can be connected to the Internet carries the risk of getting hacked. And with the rapid growth of the technological advancements in the AI aspect, IoT devices are facing security issues that seem to have no solutions as of yet.

Just this year also, the United Nations Interregional Crime and Justice Research Institute (UNICRI) is looking into the advance understanding of AI applications for criminal justice and crime prevention. But while AI could prevent and deter crimes, the risk lies in the system that can pose a global security threat if left alone with its machine-operated directives.

AI and IoT in cybercrime

AI and IoT in cybercrime trends highlights

  • AI can open more doors for cybercrime.
  • By 2040, there can be more cybercrimes committed by AI than actual people.
  • Security issues are prevalent in IoT devices.

6. Card-not-present fraud

Cardholder data remains as the primary target of cybercriminals. Hence, payment card systems continue to be infiltrated by cybercriminals. In the last few years, credit, debit, and prepaid card frauds ballooned in the United States, reaching about $4.57 billion in 2016. Although the Payment Card Industry Security Standards Council (PCI SSC) imposed more strict compliance requirements to protect cardholder data, vendors and merchants still find themselves targets of data breaches.

Recent figures suggest a growing number of credit cards that are already compromised. Credit card information could be stolen right from the card or it could be bought on online marketplaces for stolen cards, in particular, the Dark Web. Federal Reserve’s report in 2018 noted that the card-not-present cybercrime represents a drag on economic activity as it is costing billions of losses in merchandise. This resulted in businesses heavily spending on protection against such fraud by buying security software solutions, hiring security experts, and collaborating with outside companies to monitor transactions.

Number of fraud reports yearly

Percentage based on the total Consumer Sentinel Network reports

2015

2016

2017

2018

Designed by

Card-not-present fraud trends highlights

  • Credit, debit, and prepaid card fraud reached $4.57 billion in 2016.
  • Cardholder data can be sold on online marketplaces such as the Dark Web.
  • There is a growing number of credit cards that are already compromised.

7. Data breaches

One of the biggest data breaches in history was when the data of Marriott International customers were stolen by cyber thieves. Just last November 2018, an announcement by Marriott International confirmed that cyber thieves were successful in stealing the data of approximately 500 million customers. This data breach goes as far back as 2014, stemming from systems that supported the Starwood hotel brands, and was not discovered until 2018.

Data breaches happen daily, and it is one of the biggest cyber threats on the web today. Every year, the number of data breaches continues to increase. About 56 percent of data breaches in the first half of 2018 are social media data breaches. Moreover, companies leave thousands of files unprotected, according to the 2018 Varonis Global Data Risk Report. In the report, it was revealed that 100,000 folders are open to every employee for 58% of companies.

Source: PCloud

Data breaches trends highlights

  • In the first half of 2018, about 56% of data breaches are from social media.
  • About 58% of companies are leaving 100,000 folders open to every employee.
  • The data of 500 million customers got stolen by a data breach attack on Marriott International last 2018.

8. Cryptojacking

Cryptojacking is threatening ransomware’s position as the most dangerous form of cyber attack. Malware developed to infect systems to mine for cryptocurrency, cryptojacking is replacing ransomware on the watchlist of cybersecurity analysts. Several studies also show that most recent malware attacks today are designed specifically for cryptojacking, where the malware infects a system with malicious code and then uses its CPU to mine for cryptocurrency.

With cryptocurrency shaping today’s cyber threat environment, mining services, and currency exchangers are facing the risk of getting hacked. According to Europol’s report in 2018, the ease of cryptojacking attacks and attack tool availability are leading to cryptomining malware becoming a regular thing in the cybercrime future trends. It is also expected to provide a low-risk revenue stream for cybercriminals.

Cryptojacking

Cryptojacking trends highlights

  • Cryptojacking is a growing threat in cyberspace.
  • Cryptomining malware are on their way to become a regular thing in the future
  • Cryptojacking creates a low-risk revenue stream for cybercriminals.

9. Targeted attacks

While targeted attacks are not exactly new in the cybercrime scene, it is no less threatening than the existing types of cyberattacks. Targeted threats are crimeware designed for specific industries or corporations, and with its ability to capture sensitive information, it continues to become a major concern for most organizations.

In 2017 alone, there were more than 130 targeted and large-scale breaches in the United States. Moreover, the number keeps growing by 27 percent every year, according to a report by Accenture. The government, retail, and technology industries are the three most popular preys of targeted malware because of the highly valuable data of personal identifying information kept in their records.

Meanwhile, healthcare companies are emerging this year as one of the industries often targeted by such malware. Newest research by Proofpoint US, a California-based enterprise security solutions provider, found that about 77 percent of phishing emails were targeted the medical sector for the first quarter of 2019. The cybercrime trends in healthcare involved the use of malicious links disguised as regular emails.

Malicious email per user by industry

Percentage of targeted users

Mining

Wholesale Trade

Construction

Non-classifiable establishments

Retail Trade

Source: The SSL Store (2019)

Designed by

Targeted attacks trends highlights

  • For most organizations, targeted attacks remain as a major concern.
  • For the first quarter of 2019, 77 percent of phishing emails targeted the medical sector.
  • In 2017, there were 130 targeted and large-scale breaches in the United States.

10. Encrypted communication platforms

An end-to-end encryption is one of the best ways to keep communication between two points anonymous and totally difficult to trace. Thus, there is no wonder as to why cybercriminals decided to shift to encrypted chatting platforms for communication and commerce. With encrypted peer-to-peer chat platforms like Jaber and WhatsApp, it’s harder for law enforcement to decrypt messages and eavesdrop on the plans of cybercriminals.

These instant messaging programs give cybercriminals an advantage. By using such a form of communication, the FBI finds it difficult, if not impossible, to decrypt their messages containing the details of their cybercrime operations. Skype, however, although not encrypted and as secure as other messaging platforms, is still among the most popular and most preferred platforms of cybercrime gangs around the world, according to FlashPoint’s study of communications platforms used by financially motivated cybercriminals.

Encrypted communications trends highlights

  • Cybercriminals prefer communicating using encrypted chat messaging platforms.
  • Skype is also a popular messaging platform that cybercriminals use.
  • Encrypted messaging programs give law enforcement a hard time decrypting messages.

11. Bitcoin popularity

As bitcoin becomes more popular, it’s also amplifying ransomware. Bitcoin has also been reported as one of the most popular ransom payment methods to elude law enforcement. And although other virtual currencies like monero see a growth in interest, bitcoin still tops the list of cryptocurrencies encountered in cybercrime investigations.

The value of bitcoin more than doubled in 2019. In the coming months, it could rally even higher than the $12,902 level in June of the same year. And because of its value, anonymity, and decentralized system, cybercriminals are naturally drawn to it. It became the preferred currency of darknet criminals and thus increased the number of cryptocurrency malware. In 2017, Malwarebytes, an anti-malware software company, reported having to stop 250 million attempts to infect PCs with coin-mining malware in just one month.

bitcoin lost

Bitcoin popularity trends highlights

  • Bitcoin is the preferred currency of darknet criminals.
  • The popularity of bitcoin also drives the increase in coin-mining malware.
  • In just one month, Malwarebytes had to stop 250 million attempts to infect PCs with coin-mining malware.

12. DDoS attacks

By overloading a server with a maximum number of junk requests, DDoS attacks can take down even the largest websites. Apart from its number, the sophistication, complexity, and duration of DDoS attacks are also increasing and becoming even more problematic. This is why Norton dubs DDoS attacks are one of the most powerful weapons on the Internet.

In 2016, DDoS attacks increased by 125 percent year over year, and that figure keeps increasing. During the second quarter of 2019, a higher number of high-profile DDoS attacks than the first quarter was recorded. This could be attributed to the inexpensive cost of DDoS-as-hire attacks, making it one of the most affordable cyber weapons for the likes of regular industry competitors or Internet trolls. Nonetheless, security companies are widely implementing protection from DDoS.

Distribution of DDoS attacks by country

Percentage of attacks

China

United States

Canada

Hong Kong

Singapore

Source: Kaspersky, 4th quarter of 2018 (2019)

Designed by

Distributed denial of access attacks trends highlights

  • DDoS attacks remain as one of the most powerful weapons on the Internet.
  • China tops the list of countries with the most number of DDoS attacks.

13. Business email compromise

Emails today are still one of the most commonly used forms of communication, but with the rise of cyber threats, it becomes more vital to learn how to manage emails effectively and ensure that they are safe. Business email scam is another old trend in the cybercrime scene that does not show any sign of going away anytime soon. Up to this day, it’s still a billion-dollar enterprise, and it’s targeting about 6 thousand businesses every month. FBI attributed $12 billion in domestic and international losses to BEC scams recorded between October 2013 and May 2018.

During the past 12 months, businesses received an average of five BEC scam emails. That is according to Symantec, which further reports that their businesses have a 17 percent chance of getting one or more BEC emails per month. Reports also show that the top targets for BEC fraud in 2017 and 2018 are manufacturing and construction firms.

Source: Sysnetgs

Business email compromise trends highlights

  • About $12 billion in domestic and international losses are attributed to BEC scams.
  • Manufacturing and construction firms are the top targets for BEC fraud.

14. Social engineering

Social engineering attacks can affect businesses of all sizes, and that is still true in 2019, especially with the amount of trust businesses and individuals place on online communication. Computer-based social engineering, which includes phishing campaigns, baiting, and clicking on malicious links, remains prevalent in today’s highly digital era. Even the best cybersecurity software companies would admit that social engineering in cybercrime is still a major concern.

The percentage of successful social engineering attacks rose from 71 percent in 2015 and 76 percent in 2016 to 79 percent in 2017. Moreover, it takes roughly five months to detect a social engineering attack, which is why it’s one of the most popular methods for data breach. 97 percent use social engineering, while only three percent of data breach attacks involve malware.

Social engineering trends highlights

  • In 2017, the percentage of successful social engineering attacks rose to 79 percent.
  • It takes about five months before companies detect a social engineering attack.
  • Instead of malware, social engineering is used more for data breach.

15. Phishing

Phishing is as prevalent as ever, and it is even on its way to becoming 2019’s most significant cybersecurity threat. To combat phishing attacks, security companies over the years, kept developing new methods, such as hardware-based authentication and renewed approaches to security-oriented training and awareness, yet phishing is still effective today and many still fall victim to it.

Furthermore, phishing attempts can be difficult to spot and even more difficult to avoid. This is most especially true in the case of mobile users. Last year, Lookout reported that about 56 percent of mobile users received and tapped on a phishing URL. To prevent phishing attacks, it is important to always be cautious about personal or business emails, advertisements (linked URLs) on websites and in apps, as well as text messaging and other messaging services as they are often used in phishing.

Leading organizations impersonated by phishers worldwide

Share of attacks in percentage

Microsoft

Google

Facebook

Apple

Paypal

Source: Statista Research Department (2019)

Designed by

Phishing trends highlights

  • About 56 percent of mobile users received and tapped on a phishing URL.
  • Phishing is about to become 2019’s most significant cybersecurity threat

16. RDP attacks

Because of the rise of RDPs, this year saw a decline in automated attack toolkits. Designed to exploit vulnerabilities in widely used software, automated attack toolkits are now being replaced by RDP attacks. RDP credentials can give attackers remote access to a corporate environment, which further leads to a network search of intellectual properties or cryptolock systems.

Thus, RDP is now becoming a common method for cybercriminals to gain access to systems and data, with their targets usually small and medium-sized businesses (SMBs). According to Beazley, about 71 percent of ransomware attacks target SMBs, and RDP usually acts as an attack vector to further launch a ransomware attack.

RDP attacks

RDP attacks trends highlights

  • RDP attacks are replacing automated attack toolkits.
  • About 71 percent of ransomware attacks are through RDPs, and their targets are SMBs.

Cybercrime trends to watch out for

There are two sides to a coin, and so there are too in cyberspace. Cyberspace is a great place for commerce, societal advancement, and innovation. However, there also lies the risk of becoming a target for various forms of cyberattacks. Advanced technology and systems give an edge to businesses and organizations, but it means newer and more advanced methods for cybercriminals to attack too, leading to a cybercrime trends increase.

These trends reflect that cybercrime today presents the trickiest types of crimes to deal with. Cybercriminals are getting bolder every day and impact many industries, but most of all, they threaten businesses of all sizes on the web. Bigger organizations have deeper pockets for more advanced security tools to face cyber threats, but small business enterprises are not always so lucky. Thus, staying aware and vigilant at all times can go a long way in preventing these cyberattacks from occurring, and it is also helpful to know what IT security solutions are perfect to protect your site.

By Jenny Chang

Senior writer at FinancesOnline who writes about a wide range of SaaS and B2B products, including trends and issues on e-commerce, accounting and customer service software. She’s also covered a wide range of topics in business, science, and technology for websites in the U.S., Australia and Singapore, keeping tabs on edge tech like 3D printed health monitoring tattoos and SpaceX’s exploration plans.

Leave a comment!

Add your comment below.

Be nice. Keep it clean. Stay on topic. No spam.

TOP

Why is FinancesOnline free? Why is FinancesOnline free?

FinancesOnline is available for free for all business professionals interested in an efficient way to find top-notch SaaS solutions. We are able to keep our service free of charge thanks to cooperation with some of the vendors, who are willing to pay us for traffic and sales opportunities provided by our website. Please note, that FinancesOnline lists all vendors, we’re not limited only to the ones that pay us, and all software providers have an equal opportunity to get featured in our rankings and comparisons, win awards, gather user reviews, all in our effort to give you reliable advice that will enable you to make well-informed purchase decisions.