Security Market Segment LS
Tuesday, 11 December 2018 10:41

Ransomware still dominates the global threat landscape Featured

Ransomware still dominates the global threat landscape Image courtesy of Stuart Miles at

Ransomware attacks continue to be the world’s main security threat and the most profitable form of malware, but a new global report claims that despite “copious” numbers of infections daily there’s emerging signs the threat is no longer growing.

According to the top security predictions for 2019 from security firm Bitdefender, ransomware lost its spot as the number one cyber threat to consumers and enterprises during the first half of 2018, after topping the list for many years, and growth is now plateauing as the year comes to an end.

Bitefender attributes the slowdown in growth to ransomware taking a “well documented” back seat to crypto-jacking in the past year as bad actors moved towards stealing computing power to generate digital currency whilst flying under the radar.

“But an even heftier factor behind ransomware’s stagnation is the emergence of dedicated solutions aimed directly at thwarting this form of malware,” Bitdefender says.

“There will always be new versions of ransomware, some more complex than others and some harder to catch, but we don’t expect ransomware to take on much bigger proportions. At least not bigger than in the past year.”

But, despite being somewhat outpaced by cryptojackers, Bitdefender says ransomware has made a rapid recovery, “showing that file-encrypting malware is here to stay” – and “all signs point to a 2019 defined by new emerging threats”.

The report from Bitfefender looks at the security landscsape covering a number of areas, including the Internet of Things (IoT), macOS attacks and what the security company describes as “the shift to mobile attacks”.

Here’s the report:

  • Internet of Things (IoT)

We expect more attacks leveraging Internet of Things (IoT) / smart and connected devices. As lawmakers scramble to come up with a way to regulate the IoT space, attackers will continue to capitalise on their inherent weaknesses. Hackers are becoming better at hijacking IoT products like baby monitors, surveillance cams and other home appliances. And connected medical devices are far from safe either. In fact, body implants that support wireless connectivity may lead to the first ransomware attacks where you need to pay or die. Sound wild? Just remember that, in 2013, former US Vice President Dick Cheney asked his doctors to disable the wireless function in his pacemaker to thwart the potential of terrorists hacking it.

In another noteworthy trend in the IoT landscape, manufacturers are jumping on the cellular bandwagon, gradually moving their IoTs from WiFi to LTE and from ipv4 to ipv6. While this shift promises increased security, it will likely open up a new can of worms since it’s relatively new ground for the IoT ecosystem.

  • macOS attacks on the rise

Apple’s share of the desktop market is rising, and malware designed to infect Macs is growing along with it. We project an increase in the number of attacks targeting Mac users, something we are already beginning to see in our internal telemetry. Our data shows not just new macOS-specific malware, but also macOS-specific mechanisms and tools designed to capitalise on Macs post-breach. We’ve already seen this in past APTs that housed Mac-specific components.

  • MACROs and fileless attacks

Attacks leveraging Microsoft Office MACROs will also increase in number and scope. MACROs are a feature, not a bug  as the old adage goes. Which makes it the perfect bait for victims prone to social engineering scams – where the attacker convinces the victim to essentially partake in their own abuse.

We expect file-less attacks – such as those leveraging powershell and other system-bound formats like reg, mshta etc. – to also increase in scope in the year to come.

  • Potentially unwanted applications (PUA) and cryptojacking

Potentially unwanted applications (PUA), including adware, don’t pose a tremendous threat in and of themselves, but they’re not innocent either. For example, you could download a seemingly legitimate application not knowing it’s bundled with crypto miner or even malware.

We forecast an increase in JavaScript-based miners embedded in webpages – like the YouTube cryptojacking incident where attackers conducted a malvertising campaign and injected miners within ads displayed on YouTube.

Finally, we can expect a shift from drive-by-downloads of malware to full blown drive-by-mining. In other words, the use of web-mining APIs that perform crypto-mining, directly in the user’s browser, instead of exploit-kits to download malware onto the victim’s computer.

  • Combating invisible threats

Network-level exploits will enter the limelight next year, and they will likely be hyped by social media, if history is any indication. And researchers will have to devote considerable resources to analyzing hardware-based implants, hardware backdoors, and hardware design flaws, as well as supply chain compromises in software.

  • APTs targeting banks

We expect advanced persistent threats to continue emerging, with a renewed focus on the banking sector, reminiscent of the Carbanak group making headlines in 2014 for using an APT-style campaign to steal money from banks. The malware was reportedly introduced via phishing emails, with the hackers said to have stolen hundreds of million dollars not only from banks, but from more than a thousand private customers as well.

  • GDPR to show its fangs

Here’s a positive prediction for a change: Thanks to the EU’s renewed effort to protect personally identifiable information – in the form of the General Data Protection Regulation that took effect in May this year – we should expect fewer “credential leaks” to occur, or at the very least make headlines. Security incidents will be more thoroughly contained at an organisation level in an effort to avoid penalties that could force a business into bankruptcy. Remember that the GDPR can dish out fines of up to 4% of the victim’s annual turnover, which can translate into hundreds of millions and even billions of dollars in the case of large enterprises and corporations.

  • A shift towards mobile attacks

Fintech services are paving the way to a very profitable new trend for hackers, particularly in the mobile space. The more money they manage on behalf of their users, or the tighter the integration with traditional banking systems, the more attention they will get from cybercrooks who will likely develop new threats targeting these specific services in 2019.

Read 4004 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Peter Dinham

Peter Dinham - retired in 2020. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News