Bitdefender: In the first half of 2018, Ransomware, after years, lost its position as the number one threat. Although initially overcome by cryptojackers, ransomware has made a rapid recovery, showing that malicious file encryption software is here to stay.
Everything indicates that 2019 will be full of new threats.
For the Vitdefender, December is the month in which we share our forecasts for the new year. Here are our top 10 cyber security forecasts for 2019.
As the most lucrative form of malware, ransomware remains a constant threat. Many ransomware attacks can be recorded daily, but it is a fact that this threat is not on the rise. One reason is the emergence of cryptojacking that works invisibly and can yield much more revenue for a longer period of time. An equally important reason is the emergence of specialized security solutions that directly aim to prevent this form of malware. There will always be new versions of ransomware, some will certainly be more sophisticated, but we generally do not expect ransomware to evolve further. At least not more than last year.
Internet of Things (IoT)
We expect more attacks due to the use of smart devices. The attackers will no doubt continue to exploit their inherent weaknesses. Hackers are getting better at attacking IoT products, such as baby monitors, surveillance cameras and other home appliances. And connected medical devices are no longer safe. In fact, body implants that support wireless connectivity can lead to the first ransomware attacks where you have to pay or die. Sounds too much to you? Just remember that in 2013, former US Vice President Dick Cheney asked his doctors to turn off the wireless function in his pacemaker to prevent terrorists from harassing him.
Bitdefender: MacOS attacks on the rise
Apple's share of the desktop market is growing, but so are malware designed to infect Macs. We are expecting an increase in the number of attacks targeting Mac users, and this is something that is already beginning to appear. According to the data we collect, the indications show not only new malOS-specific malware, but also macOS-specific mechanisms and tools designed to take advantage of Mac after the breach.
Macros and file-less attacks
Attacks utilizing Microsoft Office macros will increase. Macros are a function, not an error. This makes them the perfect bait for victims prone to fraud - where the attacker persuades the victim to participate effectively in their use simply by allowing the command to run.
We expect file-less attacks - such as the use of powershell as well as other system-related tools, such as gen reg, mshta, etc. to grow in the next year.
Possible side effects (PUA) and cryptojacking
Unwanted applications (PUAs), including adware, are not a huge threat in themselves, but they are not innocent either. For example, you could download a seemingly secure application without knowing it is connected to a crypto miner or other malware.
We expect an increase in incidents where cryptomining will be sent directly from the webpage rather than downloading a file from the victim.
Bitdefender: Fighting invisible threats
Network-level exploits will come to the fore next year and, based on the evidence so far, will be promoted on social media. Researchers should devote many hours to analyzing hardware-based implants, hardware backdoors, hardware analysis, and how software responds.
Targeting the banking sector
We expect an escalation of attacks in the banking sector. We are reminded of the example of the Carbanak group where malicious code was sent via phishing messages and was the cause of hundreds of millions of dollars being intercepted not only by banks but also by more than a thousand private customers.
GDPR will show his teeth
Here the news is optimistic: Thanks to the EU's renewed effort to protect personal data - in the form of the General Data Protection Regulation that came into force in May this year - we should expect less "data leaks". Security incidents will be limited to an organization level in an effort to avoid sanctions that could force a business to go bankrupt. Remember that the GDPR can require fines of up to 4% of a company's annual turnover, which can translate into hundreds of millions or even billions of dollars in the case of large companies and corporations.
Bitdefender: Effect of Elections in Europe
2019 is the year that Europe will elect Members of the European Parliament. Given recent developments in the US, we should expect similar actions in Europe, including attacks on voting systems, social media propaganda and other forms of "engagement". If a few years ago these acts were mere rumors, the last two years confirm that the world's leading powers will not stop at anything to influence the political results of their opponents.
Bitdefender: A Turn to Attacks on Mobile Devices
Fintech services pave the way for a very lucrative new trend for hackers. The more money and more integration with traditional banking systems, the more attention should be paid as it is highly likely that new threats to these services will develop next year.