For most people, a new year means a fresh start. For security managers, each year brings a new wave of increasingly sophisticated cyber threats, and staying on top of them is not easy. Cybercriminals are constantly innovating and finding new ways to compromise corporate data, and staying one step ahead is the only way to effectively secure your network. Aside from new, complex threats like botnet swarms, security teams still have to manage risks related to older yet effective threats like phishing or ransomware.
Thanks to the introduction of the GDPR last year, companies are not only held to high standards in terms of data security, but they also risk facing hefty fines if they allow a breach due to malpractice.
1. Ransomware
Ransomware attacks are still around thanks to their devastating effects and their relative simplicity, and, like most threats, they are also getting smarter. Attackers are very diligent when it comes to the research behind the target and timing of the attack, and even the amount they ask for.
Experts say that the ransomware underworld will also become stronger by creating “malware-as-a-service” families that will actively work together. In fact, even now, criminals can buy ready-to-use scripts on the dark web for pennies.
2. IoT Botnets
The IoT (Internet of Things) market could reach $6.5 trillion by 2024, which means that it’s a huge opportunity for attackers to exploit, especially since not all manufacturers will make their devices updatable. It’s highly likely that IoT botnets will evolve dramatically in 2019, and so will the regulatory environment surrounding the devices.
One example of how IoT devices might “turn against” their owners is botnet swarms. These clusters of compromised devices leverage peer-based AI to attack networks and breach organizations. Such AI-based attacks are particularly dangerous because machines are much faster than humans, they are able to make decisions independently, and they identify and swarm different attack vectors at once.
3. Cryptomining malware
Cryptominer attacks increased by over 83% in 2018 and targeted over 5 million users in the first three quarters—and they’re most likely not going anywhere in 2019. Cybercriminals favor mining because such exploits are almost impossible for the victims to detect. Kaspersky Lab researchers found evidence suggesting that “the owners of many well-known botnets have switched their attack vector toward mining.”
4. Wiper malware
Wiper malware destroys systems or data and is typically used to send a political message, sabotage an organization, or cover the hacker’s tracks after a previous attack. Chronicle security researchers recently revealed that one of the most destructive malware families ever seen, Shamoon, has reappeared, suggesting an impending attack. Its previous iterations struck in 2012 and 2016, crippling tens of thousands of workstations belonging to organizations based in Saudi Arabia.
5. Fileless malware
As its name suggests, fileless malware infects computers without leaving behind artifacts on the local hard drive. It typically infiltrates computers via vulnerabilities in browsers and associated programs or via phishing. Fileless attacks were on the rise in 2018, and chances are the trend will continue throughout the new year.
6. Encrypted traffic malware
According to a PwC study, 60% of attacks will occur on encrypted traffic in 2019. Because more and more companies are using encryption to secure their data, encrypted traffic is becoming increasingly appealing to hackers. Because security tools can’t inspect encrypted traffic, it’s the perfect place for attackers to hide malware.
Since decrypting the traffic to check for malicious activity would raise privacy concerns and significantly lower network performance, organizations can check the metadata associated with the traffic flows using AI and machine learning to block bad traffic.
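The metadata-only approach described above can be illustrated with a short added example, which is not from the original article. It uses a simple statistical regularity score as a stand-in for the machine-learning models the article mentions, flagging host pairs whose encrypted connections recur at near-constant intervals with near-constant sizes. The flow records, field layout, function name and thresholds are all constructed assumptions.

```python
# Added example: score encrypted flows from metadata only (no decryption).
# Flow records, field layout and thresholds are constructed assumptions.
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (start_time_s, src, dst, dst_port, bytes_out)
FLOWS = [
    # Regular check-ins: about every 60 s, about 512 bytes each.
    (0, "10.0.0.5", "203.0.113.9", 443, 512),
    (60, "10.0.0.5", "203.0.113.9", 443, 516),
    (121, "10.0.0.5", "203.0.113.9", 443, 510),
    (180, "10.0.0.5", "203.0.113.9", 443, 512),
    (241, "10.0.0.5", "203.0.113.9", 443, 514),
    (300, "10.0.0.5", "203.0.113.9", 443, 512),
    # Interactive browsing: bursty timing, widely varying sizes.
    (5, "10.0.0.7", "198.51.100.20", 443, 1200),
    (9, "10.0.0.7", "198.51.100.20", 443, 48000),
    (200, "10.0.0.7", "198.51.100.20", 443, 830),
    (210, "10.0.0.7", "198.51.100.20", 443, 15000),
    (900, "10.0.0.7", "198.51.100.20", 443, 2200),
    (905, "10.0.0.7", "198.51.100.20", 443, 640),
    # Too few flows to judge either way.
    (30, "10.0.0.8", "192.0.2.44", 443, 700),
    (90, "10.0.0.8", "192.0.2.44", 443, 700),
]

def beacon_candidates(flows, min_flows=5, max_cv=0.1):
    """Return {(src, dst, port): (interval_cv, size_cv)} for host pairs whose
    connection timing and payload size are both highly regular."""
    groups = defaultdict(list)
    for ts, src, dst, port, nbytes in flows:
        groups[(src, dst, port)].append((ts, nbytes))
    hits = {}
    for key, recs in groups.items():
        if len(recs) < min_flows:
            continue  # not enough samples for a meaningful spread
        recs.sort()
        gaps = [b[0] - a[0] for a, b in zip(recs, recs[1:])]
        sizes = [r[1] for r in recs]
        if mean(gaps) == 0 or mean(sizes) == 0:
            continue
        # Coefficient of variation: spread relative to the mean (0 = constant).
        gap_cv = pstdev(gaps) / mean(gaps)
        size_cv = pstdev(sizes) / mean(sizes)
        if gap_cv <= max_cv and size_cv <= max_cv:
            hits[key] = (round(gap_cv, 3), round(size_cv, 3))
    return hits

if __name__ == "__main__":
    for pair, scores in beacon_candidates(FLOWS).items():
        print(pair, scores)
```

Regular timing alone also matches legitimate software such as update checkers and telemetry agents, so a score like this is a triage signal to combine with destination reputation and allow-lists rather than a blocking rule on its own.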
7. AI-assisted imposters
Now that extremely lifelike rendering has become a reality, chances are that high-profile malicious actors will try to exploit it. Being able to generate legitimate-looking photos of people might lead to an influx of fake accounts and identities, which can be used for various malicious purposes. Nvidia recently announced that it will release the source code for its generative adversarial network, which people can use to create realistic-looking pictures of fake faces.
An uncertain future
Who knows what else the future has in store for cyber security? Nobody can tell for sure. But what’s certain is that security teams will probably always have to strive to stay one step ahead of hackers to secure their organizations. Hopefully, this list gave you a general idea of what’s to come and will help you take all the measures you need to keep attacks at bay.