
Here’s what to expect from the cyber criminal underworld in 2021


It’s no surprise that cyber criminals have been quick to capitalize on weakened online security systems to create havoc throughout the pandemic. According to analysis of police data by security company Nexor, the UK saw a 31 percent rise in cybercrime amid the pandemic.  

Another global security report blamed coronavirus for a 238 percent rise in cyber attacks on banks, as well as a 600 percent increase in phishing attacks and a 148 percent rise in ransomware attacks, all since February 2020.

There is no doubt that cyber criminals are continuing to evolve their tools and tactics to make ever more sophisticated attacks. Here’s what you can expect more of from cyber criminals, this year and beyond.

Cybercrime begins at home  

Your home router – the box given to you by your broadband provider – is woefully inadequate when it comes to security. Built by a factory in China by the lowest bidder, it is very likely that the credentials used to access the core administration functions are set to a specific default (most likely the username ‘Admin’ and the password ‘password’) which is widely known across the cyber criminal community. On top of that, the core software which runs the router – known as the ‘firmware’ – will be old and significantly out-of-date, leaving your home router wide open for someone to exploit. 

Now, this was not really an issue in the past because attacks against individual home routers were uncommon and not likely to compromise your data – the attacks mainly consisting of recruiting the router into what is known as a ‘Botnet’. But now the cyber criminals are looking again at home routers and, by putting together data on individuals that is already out there on the internet, they can identify individuals of interest to them and work towards accessing corporate data through compromising their home router. 

This is not as unlikely as it sounds. We all leave pieces of identifiable data – called Open-Source Intelligence, or OSINT – on the internet. Just think of how much information is contained within your LinkedIn profile alone. A motivated cyber group can – and will – be able to identify the home address of individuals who work for their intended target and, from there, attempt to compromise the organization by intercepting data before it gets to the secure confines of the company network.

Increasing attacks on education   

According to Microsoft, 61 percent (nearly 4.8 million) of malware encounters reported in August 2020 took aim at the education sector, making it the most affected industry worldwide. Because of the valuable information stored on the education sector’s networks, as well as the precarious state of their network infrastructures, universities and colleges will remain a key target for cyber criminals and hostile nation states in the coming year and beyond. 

Advanced cyber threat groups, often backed by hostile nation-states, are actively targeting the UK’s universities, attempting to gain access to Covid research and intellectual property and, in the case of Chinese state-backed groups, to identify Chinese nationals at UK universities who may display anti-Beijing views. Yet the education sector is increasingly seen as fair game because of the sheer numbers of students and staff who need computer resources, the diverse range of requirements and issues to deal with, the sheer scale of different devices connected to the internet within various university departments (ranging from PCs and tablets to advanced scientific equipment) and the lack of resources due to budgetary constraints.

We know that several sophisticated cyber groups are actively targeting British universities right now. Smart universities that consequently continue to invest in their cyber threat detection capabilities, rather than reduce budgets, will be in a better position to protect their staff, students and valuable research data in the years to come.

From darknet to gaming platforms  

Cryptocurrency exit scams and law enforcement seizures over the past few years have made darknet market trading a risky venture.  Empire Market, one of the darknet’s largest, which sold access to databases that contain the personal information of millions of people, ceased trading in August following a suspected exit scam – effectively closing immediately and running off with everyone’s cryptocurrency.  Its removal from the scene followed the successful law enforcement takedown of its predecessors including Silk Road, AlphaBay, and Hansa - consequently making the darknet a volatile place to do business where little trust has prevailed.  

Even before the latest upheaval in the dark web market, security researchers saw signs that drug dealers and other digital underground communities were already migrating to other platforms, such as anonymous mobile messaging apps like Telegram and Wickr. Now, however, many cyber criminals are actively moving to alternative platforms to establish buying and selling bases that foster a greater degree of trust - and gaming platforms have proved an increasingly viable option to trade on, as well as launder money effectively.  

Having overshadowed the film, music and television sectors for a decade, the video game industry, particularly the market for online multiplayer games, has seen a surge of corrupt activity in recent years due to its unregulated status with local and international organizations, the ease of transferring in-game currency, and crowded platforms that allow criminal transactions to get lost among countless legitimate ones. It is well known that terror cells, such as ISIS, have been using encrypted, in-game chat rooms for years to communicate with each other globally.

And it’s all pretty simple to set up too. Criminals download a free game – such as World of Warcraft – and create their own avatar. To protect their identity further, many opt to hack an already existing account. The criminal then channels the proceeds of their illegal activity or stolen credit cards into the game and converts the money to the game’s currency. This virtual currency is created specifically for the game to fuel its virtual economy and is earned by winning challenges or acquiring new skills, or simply purchased with real money. Once inside the game, they will buy rare weapons or level up their characters through microtransactions. They will then sell their high-powered characters or in-game virtual currency at a cheap price on websites such as eBay, PlayerAuctions or iGVault. Until law enforcement gets better at detecting and monitoring communications and money laundering on gaming platforms, I expect more criminals will move onto them this year to do business.

We all need to face the realization that we are in an arms race with cyber crime groups. We did not want the race, but we are all involved. As well as remaining consistently vigilant to increasingly sophisticated phishing texts and emails – which now really do look like they come from your bank or Amazon or PayPal – I highly recommend that everyone, at the very least, creates unique complex passwords, not only for their devices but also for their home router. It’s worth looking into acquiring a Password Vault, such as LastPass, that encrypts your data and stores your passwords securely to make this a much easier task.

Although a number of VPN providers enable you to configure your router to use their service so that all your devices are protected behind the VPN, these can be complicated to install, and many services, such as Netflix, Microsoft Office and your online banking service, will often not work because of the in-built geo-hopping nature of the service, which jumps from one country to the next to give you the best bandwidth speeds. I expect VPN services will evolve over the coming years to rectify this problem, making them a prerequisite for us all.

Vince Warrington, CEO, Dark Intelligence

Vince Warrington is the Founder of Protective Intelligence.