Kaspersky Highlights Key Trends in Financial Cybersecurity for 2024

Kaspersky Lab has published forecasts on financial cyber threats for 2024, highlighting several key trends that will impact the security of financial systems and their users. Among them are:

1. The active employment of artificial intelligence (AI) for cybercriminal purposes. Malefactors will utilize generative AI to create convincing advertisements, emails, and other communications to deceive victims. This approach will lead to an increase in amateur attacks, lowering the barrier to entry in this niche, while simultaneously increasing the likelihood of deceiving victims.
2. A rise in attacks on instant payment systems, such as PIX in Brazil, FedNow in the USA, and UPI in India. These systems facilitate quick and convenient money transfers between accounts but also heighten risks for users. Cybercriminals will exploit mobile banking Trojans and clipboard hijacking attacks to intercept and alter payment details.
3. The global proliferation of Automatic Transaction Systems (ATS), allows malefactors to execute transactions as soon as a user logs into a banking application. These systems are currently predominantly used by Brazilian banking Trojans but may emerge in other countries. They enable cybercriminals to swiftly withdraw funds from victims’ accounts.
4. An increase in the popularity of Brazilian banking Trojans. Many cybercriminals from Eastern Europe have recently shifted to ransomware, moving away from online banking malware. This vacated niche could be filled by Brazilian banking Trojans. Some families, such as Grandoreiro, are already active worldwide, affecting over 900 banks in 40 countries. These and other families will continue to spread globally, aspiring to become the new ZeuS.
5. A change in ransomware tactics, with attackers becoming more selective in their targets to increase the chances of receiving a ransom or demanding a larger sum. This strategic shift will make attacks on financial organizations more targeted and destructive.
6. An increase in backdoors within open-source software packages, which are widely used by financial organizations. Cybercriminals will exploit vulnerabilities in popular open-source software, jeopardizing the security, data, and finances of organizations that use them.
7. A decrease in zero-day attacks and a rise in first-day attacks. Malefactors will rely less on zero-day vulnerabilities and focus more on first-day exploits. This trend could be due to a decrease in zero-day vulnerabilities, forcing criminals to seek more reliable and accessible attack methods.
8. A rise in attacks linked to configuration errors in devices and services, making them publicly accessible. Through these vulnerabilities, criminals will be able to gain unauthorized access to systems and initiate attacks.
9. A change in the structure of criminal groups, becoming more flexible. Participants in cybercriminal groups will move from one group to another or work for several groups simultaneously. This will complicate the efforts of law enforcement agencies in tracking down perpetrators and combating cybercrime.
10. The use of less popular or cross-platform programming languages to create malware and exploit vulnerabilities. Cybercriminals will increasingly prefer less common cross-platform languages, such as Golang and Rust, which allow for writing efficient and analytically complex code. An example of such malware is the Colombian encryptor MarioLocker, written in Golang.
11. An increase in hacktivist activity. Amid socio-political conflicts, hacktivist activity will rise, aiming to disrupt critical infrastructure and services. Such groups pose a serious threat to financial and other organizations crucial for societal functioning.

In 2024, the financial sector will face more complex and diverse cyber threats, necessitating more advanced protection methods. Financial organizations should adapt their cybersecurity strategies to new conditions to proactively address potential issues, safeguarding assets and valuable data. For effective combat against the growing risks in the financial sector next year, it’s essential to establish collaboration between government and private organizations and utilize reliable cybersecurity solutions.