Covid-19 vaccination scams and attacks on healthcare and pharma organizations
In 2020, with the start of the pandemic, Covid-19-related fake shops began circulating, promising cures and dubious pandemic survival tips. With the availability of vaccinations expected in 2021, Avast experts predict a surge in vaccination scams, presented to users via fake shops and ads on social media.
Fake offering: Users of this and other websites in 2020 complained they never received the Covid-19 related goods after purchasing them.
This year, a number of healthcare institutions in the US, Europe, and Asia were attacked by ransomware, stealing data that in some cases were leaked to the public. Cybercrime groups also initiated espionage attacks on pharmaceutical and clinical research organizations. In 2021, Avast threat intelligence experts anticipate further ransomware, data exfiltration and espionage attacks on healthcare and pharmaceutical sectors.
As many employees will continue to work from home in 2021, there is a high likelihood that cyber attacks on enterprise VPN infrastructure and providers will continue, with the goal of infiltrating business networks with targeted attacks designed to spy on confidential information and steal intellectual property and customer data.
“We expect to see a continuation of ransomware attacks on healthcare institutions and the exfiltration of sensitive data, with attacks specifically targeting pharmaceutical companies and institutions to harvest sensitive customer information for blackmailing and industry espionage. Companies in other sectors will be at risk of falling victim to targeted attacks via their VPN infrastructure and remote desktop applications they may be using to connect employees working from home,” said Jakub Kroustek, Threat Labs Team Lead at Avast.
“Individuals, on the other hand, should be wary of scams, specifically around the topic of vaccinations. If people see vaccination offerings circulating on the internet, they need to keep in mind that the sale is likely too good to be true, as vaccinations should be distributed through official sources only. Instead of falling for shady scams, people should trust their local doctors and medical institutions for Covid-19 information and vaccinations.”
Deepfakes to play a bigger role in disinformation campaigns
The quality of deepfakes has greatly improved over the last few years, but up until now, they have only been used in isolated cases, or as proof of concept. In deepfake videos, computer animation tricks are used to manipulate gestures, facial expressions and the voice of a real person, such as a politician or celebrity, making it hard for the audience to distinguish if an action or statement from the person is real or not. How advanced the technology is today can be seen in examples of researchers demonstrating “how to create deepfake videos within five minutes”.
“Deepfakes will likely reach a quality next year where they can be actively used in disinformation campaigns. Conspiracy theories about the coronavirus, such as its alleged spread via 5G, could be reemphasized via deepfake videos, for example wrongly showing politicians as conspirators. The pandemic, the resulting increase in people working from home, and higher reliance on online connectivity as well as the growing economic pressure, combined with uncertainty among people, are likely to feed into the effectiveness of the use of deepfakes to spread disinformation,” said Petr Somol, AI Research Director at Avast.
Datasets and knowledge bases for AI-based threats to grow further
While there has yet to be clear evidence of known AI-based threats circulating in the wild, Avast has observed an acceleration in the growth of new and emerging threats. This growth is due to the use of automation by the adversaries where AI may be involved to some extent, likely in combination with simpler techniques.
Malicious campaigns, targeted attacks, and Advanced Persistent Threats generated using AI techniques are already viable, but to become effective, very extensive datasets and knowledge bases are needed and Avast AI experts anticipate these to be developed in 2021 and beyond.
Adware and stalkerware to thrive further
On mobile devices, Avast experts anticipate the mobile threat landscape to be dominated by aggressive adware as it is an easy way for cybercriminals to make money. For most of 2020, adware was the strongest Android threat, with about one-third of all threats being adware. Fleeceware, a subscription scam that can be described as a combination of adware and fake apps, was also prominent in 2020, both on iOS and Android. Avast experts predict that these will likely remain dominant in 2021.
Since the initial surge of stalkerware during the first wave of the pandemic, the number of global stalkerware attacks has remained high throughout 2020. Stalkerware are apps that are typically installed secretly by a person close to the victim, such as a jealous spouse, to spy on the person by tracking their physical location, monitoring messages and recording phone calls. Avast’s mobile threat intelligence experts expect this trend to continue, but do not expect to see a new surge.
“The cybersecurity industry has continued to raise awareness around the issue of stalkerware in 2020 which may help prevent further growth in stalkerware attacks at the end of this year and in 2021 as the authors and operators may be waiting for the hype to die down before they can drive new campaigns. The primary modus operandi for this category of threat is, after all, stealth. There will, however, always be a loyal user base in the stalkerware field,” said Ondrej David, Mobile Malware Analysis Team Leader at Avast. “Android and iOS adware, on the other hand, is a low-risk, high-gain business model. Although the security community and the Google Play and Apple App Stores are increasingly fighting against adware, it’s usually very hard to detect as ads may not always run immediately after app installation, so a lot more effort needs to go into the field of detecting such unwanted apps.”
25th November 2021
27th April 2022
30th March 2022
18th May 2022
18th May 2022
11th May 2022