Two words, Meltdown and Spectre, have dominated the cybersecurity world.
While these two cybersecurity threats are getting more than their share of attention, the rest of the malware world isn’t standing by.
Researchers looked through cyberattack data from the last year and identified three significant threats that are on the rise. The trends below provide a good indication of how cybersecurity solutions will shift in 2018:
1. More attacks will go clickless, meaning user interaction is no longer needed
End-users aren’t the weakest link anymore because companies have invested heavily in cybersecurity awareness training to reduce the chances that employees would be tricked into clicking a malicious link or attachment. Seeing this, cybercriminals have begun to take end-users out of the equation by launching an increasing number of clickless attacks.
The WannaCry and NotPetya cyberattacks are two prominent examples. Both avoided end-user interaction entirely by exploiting shared access points like Microsoft’s SMB and RDP ports that had been left open and vulnerable. Researchers expect this trend to continue.
To be prepared for this type of cybersecurity threat, every company should start with the oldest security advice in the industry: keep patches up to date and protect every system with a top cybersecurity solution. Depending on which OS is running on company devices, installing antivirus for Windows or antivirus for Mac is recommended.
2. Cybercriminals are increasingly evading detection by living off the land
This is the most aggravating form of cybersecurity threat: using your own tools and processes as weapons. In this approach, known as living off the land, cybercriminals increasingly leverage programs that are already on their targets to evade detection and actively spread infections.
NotPetya implemented this method by using PsExec and Windows Management Instrumentation (WMI) to propagate. Other malware is adopting it too, increasingly hijacking PowerShell, Windows Credentials Editor (WCE), and Group Policy Objects (GPOs), among others. The use of these tools doesn’t raise any cybersecurity alerts because they are legitimate programs and won’t be caught by scanners. As a result, the malware goes undetected.
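Because the binaries themselves are legitimate, detection has to look at how they are launched. The following is an added example, not part of the original article: it applies three parent-process and command-line rules to constructed process-creation events (fields modelled on Sysmon Event ID 1); the rule names, hosts and events are assumptions made for illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any platform

# Constructed sample events; not taken from a real incident.
EVENTS = [
    {"host": "ws01", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe Get-ChildItem"},
    {"host": "ws02", "parent": r"C:\Windows\PSEXESVC.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c whoami"},
    {"host": "ws03", "parent": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoP -W Hidden -enc <constructed-placeholder>"},
]

SHELLS = {"cmd.exe", "powershell.exe"}
# Common spellings of PowerShell's -EncodedCommand switch.
ENCODED = re.compile(r"\s-e(nc|ncodedcommand)?\s", re.I)


def findings(event):
    """Return the names of the rules a single event matches."""
    parent = basename(event["parent"]).lower()
    child = basename(event["image"]).lower()
    hits = []
    # PsExec runs remote commands as children of its PSEXESVC service.
    if parent == "psexesvc.exe":
        hits.append("psexec-remote-exec")
    # Processes created through WMI are children of the WMI provider host.
    if parent == "wmiprvse.exe" and child in SHELLS:
        hits.append("wmi-spawned-shell")
    # Encoded commands hide the script text from casual log review.
    if child == "powershell.exe" and ENCODED.search(event["cmdline"] + " "):
        hits.append("powershell-encoded-command")
    return hits


def triage(events):
    """Map host -> matched rules, omitting events with no hits."""
    results = {}
    for event in events:
        hits = findings(event)
        if hits:
            results[event["host"]] = hits
    return results


if __name__ == "__main__":
    for host, rules in triage(EVENTS).items():
        print(host, ", ".join(rules))
```

Legitimate administration also uses PsExec, WMI and PowerShell, so matches need to be baselined against known admin hosts and accounts before they are turned into alerts.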
3. “Plug-and-play” worming components are on the rise.
More and more malware campaigns are also leveraging worm capabilities to spread laterally.
WannaCry used such a worm component to infect 400,000 devices in 150 countries in a short time. Ransomware is not alone in using it: other campaigns like Emotet, QakBot, and TrickBot have also implemented this kind of component.
Removing this kind of malware is extremely difficult for every cybersecurity solution because of its persistence capabilities.
Nowadays a single device can be turned into a malware slave, spreading itself automatically and quickly crippling entire networks, both internal and external. To reduce the risk of propagation, companies must invest in a cybersecurity solution that can block infection at the outset. Depending on which OS is running on company devices, installing an antivirus is recommended. Also, if you are a company that operates 100% in an online environment, please opt for the newest trend in cybersecurity: a cyber-secure web hosting service.