Home Security ‘Vaporworms’ among new security threats in coming year: report
‘Vaporworms’ among new security threats in coming year: report Image courtesy of Stuart Miles at FreeDigitalPhotos.net Featured

The emergence of Vaporworms — a new breed of fileless malware with wormlike properties that allow it to self-propagate through vulnerable systems — global Internet disruption and rogue AI chatbots are among the security threats predicted to hit the world in 2019, according to a new report.

Security firm Watchguard Technologies says a takedown of the Internet itself is a threat in 2019, along with ransomware targeting utilities and industrial control systems.

WatchGuard’s Threat Lab research team developed the predictions based on an analysis of major security and threat trends over the past year.

“Cyber criminals are continuing to reshape the threat landscape as they update their tactics and escalate their attacks against businesses, governments, and even the infrastructure of the Internet itself,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies.

“The Threat Lab’s 2019 predictions span from highly likely to audacious, but consistent across all eight is that there’s hope for preventing them.

“Organisations of all sizes need to look ahead at what new threats might be around the corner, prepare for evolving attacks and ensure they’re equipped with layered security defenses to meet them head-on.”

Here’s WatchGuard Threat Lab’s 2019 Security Predictions for 2019:
 
1. “Vaporworms” or fileless malware worms will emerge. Fileless malware strains will exhibit wormlike properties in 2019, allowing them to self-propagate by exploiting software vulnerabilities. Fileless malware is more difficult for traditional endpoint detection to identify and block because it runs entirely in memory, without ever dropping a file onto the infected system. Combine that trend with the number of systems running unpatched software vulnerable to certain exploits, and 2019 will be the year of the vaporworm.

2. Attackers will hold the Internet hostage. A hacktivist collective or nation-state will launch a coordinated attack against the infrastructure of the internet in 2019. The protocol that controls the internet (BGP) operates largely on the honour system, and a 2016 DDoS attack against hosting provider Dyn showed that a single attack against a hosting provider or registrar could take down major websites. The bottom line? The internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points underpinning the Internet or abuse the underlying protocols themselves.

3. Escalations in state-level cyber attacks force a UN cyber security treaty. The UN will more forcefully tackle the issue of state-sponsored cyber attacks by enacting a multinational Cyber Security Treaty in 2019.

4. AI-driven chatbots go rogue. In 2019, cyber criminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware, or sharing private information.

5. A major biometric hack will be the beginning of the end for single-factor authentication. As biometric logins like Apple’s FaceID become more common, hackers will take advantage of the false sense of security they encourage and crack a biometric-only login method at scale to pull off a major attack. As a result, 2019 will see strong growth in the use of multi-factor authentication (MFA) for added protection among groups with more security knowledge, particularly push-based authentication and MFA for Cloud application defence.

6. A nation-state will take “fire sale” attacks from fiction to reality. In the Die Hard film series, a “fire sale” was a fictional three-pronged cyber-attack, targeting a city or state’s transportation operations, financial systems, public utilities and communication infrastructure. The fear and confusion caused during this attack was designed to allow the terrorists to siphon off huge sums of money undetected. Modern cyber security incidents suggest that nation-states and terrorists have developed these capabilities, so 2019 may be the first year one of these multi-pronged attacks is launched to cover up a hidden operation.

7. Hackers will cause real-world blackouts as targeted ransomware focuses on utilities and industrial control systems. Targeted ransomware campaigns will cause chaos in 2019 by targeting industrial control systems and public utilities for larger payoffs. The average payment demand will increase by over 6500 percent, from an average of $300 to $20,000 per attack. These assaults will result in real-world consequences like city-wide blackouts and the loss of access to public utilities.

8. A WPA3 Wi-Fi network will be hacked using one of the six Wi-Fi threat categories. Hackers will use rogue APs, Evil Twin APs, or any of the six known Wi-Fi threat categories (as defined by the Trusted Wireless Environment Framework) to compromise a WPA3 Wi-Fi network in 2019, despite enhancements to the new WPA3 encryption standard. Unless more comprehensive security is built into the Wi-Fi infrastructure across the entire industry, users can be fooled into feeling safe with WPA3 while still being susceptible to attacks like Evil Twin APs.

47 REASONS TO ATTEND YOW! 2018

With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December

REGISTER NOW!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect