Avast 2023 predictions highlight increased risk of malicious damage caused by ransomware gangs
‘Scamdemic’ also predicted to continue into 2023, with fraudsters exploiting human weaknesses, cyber gangs improving their business strategies and recruiting hacktivists
TEMPE, Ariz. and PRAGUE, 7 December 2022 /PRNewswire/ — Avast, a leading global consumer digital security and privacy brand from Gen™ (NASDAQ: GEN), expects an increased risk of ransomware attacks in 2023 that threaten to leak valuable data to people and businesses whose ransom demands not paid. In addition, Avast researchers foresee the optimization of social engineering used in fraud attacks, exploiting financial difficulties and fears of an energy crisis. The experts also expect an increase in malicious activity overall, as open source malware becomes more available and cyber gangs recruit hacktivists to join their cause.
The threat of ransomware is likely to worsen as data leaks become common practice
“Ransomware attacks themselves are already an individual’s and companies’ nightmare. This year we saw cyber gangs threatening to publicly publish their target’s data if the ransom is not paid, and we expect this trend to only grow in 2023,” said Michal Salat , Threat Intelligence Director at Avast. “This puts people’s personal memories at risk and poses a double risk to businesses. Both the loss of sensitive files, plus a data breach, can have serious consequences for their business and reputation.”
For businesses, successful ransomware attacks can quickly add up to millions of dollars in recovery costs caused by downtime in operations, reimaging units and incident response programs, and operating costs with hospitals unable to perform operations or factories halting production. New global sanctions introduced this year could put companies affected by ransomware in a difficult situation, as they face potential prosecution if they pay ransom demands to groups listed on sanctions lists, such as ransomware groups based in Russia.
Scamdemic will continue in 2023
“We’ve been living in a scam epidemic for a while now, and there’s no sign of it slowing down,” Salat said. “Cyber groups go to great lengths to exploit people’s worst fears to trick them into sending money or giving up personal data because it’s easier to make people vulnerable than to hack their devices. Next year, we expect to see attacks playing with people’s financial and environmental Scams not only flood people’s inboxes in the form of phishing emails, but bombard people’s texting apps and keep their phones ringing.”
With ever-improving techniques, the person becomes the weakest link. An expected trend for 2023 is the takeover of social media accounts leading to impersonation attacks on friends online.
The business of cybercrime will become even more sophisticated
Avast researchers further predict that the already professionalized business of cybercrime will become more sophisticated. Cybercrime groups Zloader, Racoon Stealer and Ursnif came together this year to take advantage of each group’s specializations and focus to support each other and maximize profits. Avast researchers expect this type of cross-group collaboration to continue. Additionally, Lockbit 3.0, a ransomware group, was the first ransomware group to offer a bug bounty program over the summer, and others are likely to follow. Bug bounties allow third parties to report new product vulnerabilities to software companies in return for a price. In typical cases, this helps companies secure their software and protect themselves and their customers from cybercriminals exploiting vulnerabilities. In this case, however, people are being lured by a malicious group to help make the ransomware effort more robust.
“Cybercrime has been a growing business for years, but we’ve started to see open source malware become more readily available and distributed on platforms like Discord. People, including young people with less technical knowledge, can now get their hands on malware and can be more inclined to join the dark side given the current economic difficulties,” says Michal Salat. “We have also seen criminal groups recruiting and paying people to carry out DDoS attacks, or installing ransomware on employers’ devices, for example. Not only will we see more malicious activities thanks to software as a service, the distribution of software to perform DDoS attacks and readily available open source code, but this could be a stepping stone to a career as a cybercriminal.”
How people can protect themselves from fraud
- If you have one, pay by credit card instead. Compared to debit cards and bank transfers, credit cards are far more secure. Your credit card company is on your side when it comes to fraud. When you’ve been ripped off, chargebacks are your friend.
- Never download attachments or click on links from unknown contacts. Scammers can use attachments and websites to infect your computer with malware. For example, Trojans often slip onto your device disguised as harmless attachments, and these Trojans can then carry rootkits, spyware or adware. Some malware will only show you ads, while others can be far more harmful.
- Keep personal information to yourself. Do you know how many websites ask you to answer a series of security questions in case you need to recover your password? Remember what information you have entered as a security measure and do not share it. Otherwise, scammers can easily answer your security questions. Of course, this also applies to things like login information and account numbers.
- Secure yourself online. If a site offers two-factor authentication, use it. It’s not bulletproof, but it’s better than nothing. Use strong, unique passwords on the websites you visit, and store them more securely with a trusted password manager.
How to help prevent ransomware
- Keep your software up to date. Ensuring your operating system and apps receive new updates as soon as they’re released will plug security holes and prevent hackers from using exploits to distribute ransomware.
- Back up your system regularly. Ransomware usually gains its power from blocking access to important files. If you have backed up your files elsewhere, the chances of losing them to ransomware are reduced. Perform regular backups of your system and files – cloud services and physical storage are both viable options, and you should use both if you can. If your device allows you to set an automatic backup schedule, do that too.
- Use an ad blocker. Load your browser with an ad blocker to protect against malvertising and drive-by downloads: two ad-related ways ransomware can enter your system.
- Be skeptical. Be wary of strange links sent in email or on other messaging platforms. Even if the link is from someone you know, they may have been hacked. Learn the signs of unsafe websites and avoid visiting them.
- Use an antivirus. Ransomware can only harm you if it can reach you. Use a robust online security app that helps block malware and viruses before they can get anywhere near you. Avast On helps block unsafe links, sketchy downloads, and unsafe websites.
More tips on how people can take control of their digital lives and protect themselves from threats in 2023 can be found here:
– Avast’s Essential Guide to Ransomware
– Avast’s essential guide to staying scam-free
Avast is a global digital security and privacy brand of Gen™ (NASDAQ: GEN), a global company dedicated to driving Digital Freedom through its family of trusted consumer brands, including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner. With hundreds of millions of users online, Avast protects people from online threats and the evolving IoT threat landscape. Avast’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technology to detect and stop threats in real time. Avast digital security products for mobile, PC or Mac are top rated and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Avast is a member of the Coalition Against Stalkerware, No More Ransom and the Internet Watch Foundation. Visit: www.avast.com.
Stay in touch with Avast:
Consult: [email protected]
SOURCE Avast Software, Inc.