Light Dark
December 23, 2020 By Mike Elgan 4 min read
Intelligence & Analytics
Security Services

As we bring 2020 to a close, it’s time to look at 2021 and a new chapter in the book of cybersecurity.While there are no doubt a multitude of possible attacks, here are five types of attacks that are becoming more popular and more common among attackers using Internet of things (IoT) threats.

1. Built-In IoT Threats

As entities embrace the IoT, they still lag in the defense and guidelines departments. And, threat actors will take advantage of the gap between the risks posed by IoT and how prepared people are to address those risks.

IoT devices are insecure by nature. They’re connected, meaning the bad guys can access them. But IoT devices lack the processing power for basic protection like encryption. They also tend to be highly valuable and inexpensive, making it easy for users to deploy large numbers of them (possibly 35 billion IoT devices worldwide by the end of 2021).

IT may not have authorized, or may not even know about, these devices. In many cases, the employer doesn’t even own them.

It’s likely that IoT will become the preferred target for ransomware attacks. Botnets, advanced persistent threats, distributed denial of service (DDoS) attacks, identity theft, data theft, man-in-the-middle attacks, social engineering attacks and others are also likely choices.

IoT threats, including those hitting databases, intersect with other 2021 trends, too. In a world of increased automation, many attacks focus on supply chain and manufacturing. IoT is used a lot in these fields, and updating equipment is not always a top priority. As we encounter more novel attacks on IoT networks, one question is especially important. Can we update aging firmware to give it the defenses it needs?

2. AI in IoT Threats

It’s likely 2021 will be the year of AI-powered IoT threats. And, that’s not surprising.

AI-based attacks have been taking place since 2007, mostly for social engineering attacks (simulating human chat) and for enhancing DDoS attacks. The malicious use of AI showed up on everyone’s radar in 2018, when a ground-breaking study on the threat was published.

Over time, more refined algorithms will get better at mimicking normal users on a network to foil detection systems looking for strange behavior. The biggest recent development in the use of AI in cyberattacks is democratization of tools for building and using AI systems. Threat actors can build AI tools now that just a few years ago only researchers could build.

AI systems are better than humans at performing many of the elements of IoT threats, such as repetitive tasks, interactive responses and processing very large data sets. In general, AI will help the bad guys scale up their IoT threats, automate them and make them more flexible.

And, don’t just look for exotic new AI-based IoT threats in 2021. Instead, look for the usual network breaches and other attacks, but deployed faster, at larger scale and with more flexibility, automation and customization than in the past.

3. Deepfakes for IoT Threats

Attackers will use the same tools behind deepfake videos for IoT threats, such as brute force attacks and spoofing biometrics. For example, university researchers have demonstrated generative adversarial network (GAN) techniques can brute-force fake, but functional, fingerprints. They do it in the same way passwords are brute-forced by trying thousands of attempts.

We have, in fact, already seen the use of deepfake technology in malicious attacks. The first wave of these involved faked voices. The attackers taught a computer system to sound like a CEO, who then called employees to order money transfers and the like.

Audio and image deepfakes have now been basically perfected, which is to say you can create voices and photographs that most humans can’t tell are fake.

The holy grail of deepfakes is video. Today, videos made this way still look uncanny. But it’s only a matter of time before attackers perfect deepfake video as well, enabling convincing video-call social engineering attacks. They could also use faked video for network breaches, extortion and blackmail.

4. More Specialized Cyber Crime

The entire history of cyber crime has involved increasing refinement on the part of the attackers. It often mirrors trends in honest business. And this long-standing trend in IoT threats will continue, as we can expect far more specialization and outsourcing in 2021. Threat actors will be going after bigger paydays. Rather than one person or one gang running an entire job, expect groups to offer break-in services for pay. So, a single attack may involve multiple groups, each of which is expert at performing their part.

For example, one group may specialize in reconnaissance at scale, then offer their knowledge on the dark net for a price. Another group may purchase this, then hire another group to breach the victim with a social engineering attack. That group may, in turn, hire native language speakers and graphics designers to craft more convincing emails. Once they gain access, the client may hire multiple specialist gangs for ransomware, bitcoin mining, extortion and other attacks.

In the same way that businesses have specialized, diversified and benefited from outsourcing, the people building IoT threats do, too.

5. Breakdowns Between State-Sponsored and Criminal Attacks

The organizational trends described above — the specialization and outsourcing — will further blur the line between state-sponsored attacks and gang attacks. And, this makes sense. Already many of the so-called state-sponsored cyberattacks are actually performed by criminal gangs linked to government agencies, including military and spy agencies.

With increased specialization and outsourcing, nation-states will be offered the fruits of cyberattacks, such as IoT threats, for money more and more. And nation-states will hire otherwise unaffiliated cyber gangs to do specific malicious attack jobs, or specific parts of them.

Even today, it’s difficult to tell whether a detected attack was state-sponsored or not. In the future, starting in 2021, it may become nearly impossible. The year 2021 will no doubt prove to be another exciting year in the realm of cybersecurity. Look for these five trends in IoT threats as areas to focus on.

 | 
Mike Elgan

More from Intelligence & Analytics
February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

December 19, 2023

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

December 14, 2023

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature