본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Publications

[INFORMATION] KISA TOP 7 Trends in Cyber Threats 20202020.04.13
Top 7 Trends in Cyber Threats 2020


1. Security vulnerabilities becoming a part of everyday life as unseen threats (KISA)

▶ Increase in cyber threats to IoT services, such as intelligent CCTVs and AI speakers
▶ Fears about another “WannaCry” threat in systems unpatched for BlueKeep, the RDP (Remote Desktop Protocol) vulnerability in Windows
▶ Attempts to exploit vulnerabilities in operating systems that have reached or are about to reach end-of-life (Window 7/XP, Server 2008/2003, etc.)


2. Impact of ransomware scaling from individuals to public & private stakeholders (Ahnlab)

▶ Distribution of ransomware+APT by threat actors disguised as public & private stakeholders
▶ Ransomware+APT attacks demanding a higher ransom than that for PC attacks
▶ Backup files becoming encrypted or damaged upon ransomware infection


3. Cryptocurrency exchanges vulnerable to repeated cybersecurity incidents (INCA Internet)

▶ Cryptocurrency exchanges under constant attack aimed at stealing or manipulating cryptocurrency
▶ Increase in malware distribution under the disguise of cryptocurrency exchange or wallet programs
▶ Continued attempts to promote distribution and infection via hard-to-detect cryptomining malware


4. Malware hidden in text messages and emails (Hauri)

▶ Targeted attacks on mobile devices with malicious apps via links in text messages/emails
▶ Emergence of IoT botnets on a massive scale and resumption of DDoS attacks due to the spread of IoT devices
▶ Increased attempts to steal valid code-signing certificates and misuse them for the wider spread and infection of malware


5. APT(Advanced Persistent Threat) attacks becoming more discreet & sophisticated (East Security)

▶ Advances in spear phishing through forgery/falsification of seemingly legitimate documents such as Request for Quotes or press releases
▶ Targeted phishing attacks using document creation/editing softwares own encryption settings
▶ Malware that utilizes communication techniques through ordinary services, such as Google Drive, DropBox or Slack


6. Attacks on supply chains spreading to mobile devices (NSHC)

▶ Increased attacks within the software supply chain, targeting mobile apps and smartphone manufacturers
▶ Attempts to insert malware into software for smart cars or medical devices
▶ Targeted attacks that infect/execute malware for specific users of software


7. Emergence of new security threats to convergence services (Bitscan)

▶ Emergence of cybersecurity threats to smart cities, e.g. traffic congestion and CCTV incapacitation through compromised transportation systems
▶ Malware propagating during smart factory maintenance, thereby collecting information and disrupting systems 
▶ Leakage of patients’ personal information/prescription data and malfunctioning of medical devices caused by healthcare system hacking
  


□ 작성 : 사이버보안빅데이터센터 글로벌보안협력팀(International Cyber Intelligence Team)
첨부파일 TOP 7 Trends in Cyber Threats 2020.pdf