Will QR (quick response codes) attacks be used to seek entry into rich streams of data like healthcare? The sector has been beleaguered by increases in ransomware attacks. The danger is that cybercriminals will always on the look-out for the next opportunity as they continue to perfect their attack methods. This includes increasing the sophistication of attacks as criminal entities follow the money trail.
While ransomware is still very much on the horizon, businesses and consumers need to watch out for QR code attacks. This is according to Magni Sigurðsson, who is the Senior Manager of Detection Technologies at the company Cyren.
Sigurðsson explains to Digital Journal how for a long time: “Cybercrime has operated as a dark mirror to the legitimate business world, and threat actors have always been adept at incorporating technological trends into their attacks.”
The criminal groups are, unfortunately, adept at finding new opportunities through which they can cause havoc. Sigurðsson calls out the latest of these threats, drawing on the “resurgence of the QR code.”
There is a reason this has become, once again, a popular form of website access. Sigurðsson explains: “This often-overlooked technology has been around for decades but has returned to prominence over the last two years due to the COVID-19 pandemic. The scannable software is well-suited to delivering information in a COVID-safe fashion at set locations, and we have seen an increase in its use online as well.”
Wherever anything digital is popular, cyber-gangs follow. As Sigurðsson observes: “Unsurprisingly, the cybercriminal community wasted little time taking advantage of this trend, evidenced by the increased number of attacks exploiting QR codes. As the software becomes more mainstream in marketing and sales activity over the next year, we anticipate attacks that utilize the tool to follow suit.”
This means we can expect renewed activity in this area. Sigurðsson states: “QR code attacks are the latest example of attackers adapting their techniques to mirror popular technology trends, as well as finding new ways to evade security measures.”
Casting his eye over the expected trends, Sigurðsson foresees: “As QR codes gain in popular use over the next year, we can anticipate more attacks exploiting the medium. We have already seen QR attacks across multiple industries, and threat actors are also likely to begin using these techniques to target businesses as well as individual consumers.”
This leads Sigurðsson to warn: “The use of QR codes ties into the wider movement towards mobile attacks, and we anticipate an increased use in SMS phishing as threat actors seek to evade desktop-based security.”
The analyst’s final piece of advice is: “It’s important for organizations to factor this growing trend into their security strategies.”