According to the top security predictions for 2019 from security firm Bitdefender, ransomware lost its spot as the number one cyber threat to consumers and enterprises during the first half of 2018, after topping the list for many years, and growth is now plateauing as the year comes to an end.
Bitefender attributes the slowdown in growth to ransomware taking a “well documented” back seat to crypto-jacking in the past year as bad actors moved towards stealing computing power to generate digital currency whilst flying under the radar.
“But an even heftier factor behind ransomware’s stagnation is the emergence of dedicated solutions aimed directly at thwarting this form of malware,” Bitdefender says.
But, despite being somewhat outpaced by cryptojackers, Bitdefender says ransomware has made a rapid recovery, “showing that file-encrypting malware is here to stay” – and “all signs point to a 2019 defined by new emerging threats”.
The report from Bitfefender looks at the security landscsape covering a number of areas, including the Internet of Things (IoT), macOS attacks and what the security company describes as “the shift to mobile attacks”.
Here’s the report:
- Internet of Things (IoT)
We expect more attacks leveraging Internet of Things (IoT) / smart and connected devices. As lawmakers scramble to come up with a way to regulate the IoT space, attackers will continue to capitalise on their inherent weaknesses. Hackers are becoming better at hijacking IoT products like baby monitors, surveillance cams and other home appliances. And connected medical devices are far from safe either. In fact, body implants that support wireless connectivity may lead to the first ransomware attacks where you need to pay or die. Sound wild? Just remember that, in 2013, former US Vice President Dick Cheney asked his doctors to disable the wireless function in his pacemaker to thwart the potential of terrorists hacking it.
In another noteworthy trend in the IoT landscape, manufacturers are jumping on the cellular bandwagon, gradually moving their IoTs from WiFi to LTE and from ipv4 to ipv6. While this shift promises increased security, it will likely open up a new can of worms since it’s relatively new ground for the IoT ecosystem.
- macOS attacks on the rise
Apple’s share of the desktop market is rising, and malware designed to infect Macs is growing along with it. We project an increase in the number of attacks targeting Mac users, something we are already beginning to see in our internal telemetry. Our data shows not just new macOS-specific malware, but also macOS-specific mechanisms and tools designed to capitalise on Macs post-breach. We’ve already seen this in past APTs that housed Mac-specific components.
- MACROs and fileless attacks
Attacks leveraging Microsoft Office MACROs will also increase in number and scope. MACROs are a feature, not a bug as the old adage goes. Which makes it the perfect bait for victims prone to social engineering scams – where the attacker convinces the victim to essentially partake in their own abuse.
We expect file-less attacks – such as those leveraging powershell and other system-bound formats like reg, mshta etc. – to also increase in scope in the year to come.
- Potentially unwanted applications (PUA) and cryptojacking
Potentially unwanted applications (PUA), including adware, don’t pose a tremendous threat in and of themselves, but they’re not innocent either. For example, you could download a seemingly legitimate application not knowing it’s bundled with crypto miner or even malware.
Finally, we can expect a shift from drive-by-downloads of malware to full blown drive-by-mining. In other words, the use of web-mining APIs that perform crypto-mining, directly in the user’s browser, instead of exploit-kits to download malware onto the victim’s computer.
- Combating invisible threats
Network-level exploits will enter the limelight next year, and they will likely be hyped by social media, if history is any indication. And researchers will have to devote considerable resources to analyzing hardware-based implants, hardware backdoors, and hardware design flaws, as well as supply chain compromises in software.
- APTs targeting banks
We expect advanced persistent threats to continue emerging, with a renewed focus on the banking sector, reminiscent of the Carbanak group making headlines in 2014 for using an APT-style campaign to steal money from banks. The malware was reportedly introduced via phishing emails, with the hackers said to have stolen hundreds of million dollars not only from banks, but from more than a thousand private customers as well.
- GDPR to show its fangs
Here’s a positive prediction for a change: Thanks to the EU’s renewed effort to protect personally identifiable information – in the form of the General Data Protection Regulation that took effect in May this year – we should expect fewer “credential leaks” to occur, or at the very least make headlines. Security incidents will be more thoroughly contained at an organisation level in an effort to avoid penalties that could force a business into bankruptcy. Remember that the GDPR can dish out fines of up to 4% of the victim’s annual turnover, which can translate into hundreds of millions and even billions of dollars in the case of large enterprises and corporations.
- A shift towards mobile attacks
Fintech services are paving the way to a very profitable new trend for hackers, particularly in the mobile space. The more money they manage on behalf of their users, or the tighter the integration with traditional banking systems, the more attention they will get from cybercrooks who will likely develop new threats targeting these specific services in 2019.