Ransomware will Scale up attacks in the coming Year
According to the recently-released McAfee Labs 2018 Threats Predictions Report. It’s been a pretty scary year where cybercrime is concerned, with words like ransomware, malware and spyware becoming a part of our daily lexicon. Over 27,000 cyber security incidents were reported in the first half of the year alone-at least one cyber crime reported every 10 minutes-according to the Indian Computer Emergency Response Team. We hate to be the harbingers of gloom and doom, but 2018 is likely to be just as bad
Steve Grobman, Chief Technology Officer for McAfee, “The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders”. He added further “So if WannaCry made you want to weep, know that it was just a taste of things to come as hackers develop new strategies.”
So the year ahead expect continued risk from Ransomware and malware attacks this also include companies selling home devices. Watch out the four key trends.
Hackers making use of Machine learning.
Agreed that machine learning can process massive quantities of data and perform vast operations to not only detect but also correct known vulnerabilities, suspicious behaviour and zero-day attacks. But, according to McAfee, the bad guys will seek to leverage machine learning too, to support their attacks, learn from defensive responses and disrupt detection models. “We expect to see more advancements in the use of machine learning and analytics by attackers to accelerate and sharpen social engineering attacks-phishing, fraud, spyware, and scams-across more industry sectors than they can do today using manual reconnaissance techniques,” says McAfee Labs vice president Vincent Weafer in the report, according to Yahoo Finance.
In order words, adversaries will try their hardest to exploit newly discovered vulnerabilities faster than defenders can patch them. “Human intelligence amplified by technology will be the winning factor in the ‘arms race’ between attackers and defenders,” adds Grobman.
Ransomware to call the shots
“McAfee Labs saw total ransomware grow 56% over the past four quarters, but evidence from McAfee Advanced Threat Research indicates that the number of ransomware payments has declined over the last year,” states the report.
As ransomware profitability dives in the face of vendor defences and user education, attackers will turn their focus to more profitable targets, including high net-worth individuals, connected devices, and businesses. This change will likely also introduce new kinds of attacks involving disruption of organisations and cyber sabotage. The report predicts an expansion of the cyber insurance market in the bargain.
Vulnerability from serverless apps
The report highlights that while serverless apps save time and reduce costs, they will also increase attack surfaces for organizations implementing them. Not only are they vulnerable to attacks on data in transit, but also potentially to brute-force denial of service attacks, in which the serverless architecture fails to scale and incurs expensive service disruptions.
Risk of IoT (Internet of Things) device manufacturers
“Connected home device manufacturers and service providers will seek to overcome thin profit margins by gathering more of our personal data-with or without our agreement-turning the home into a corporate store front,” warns the report. Of course, privacy risks from smart devices is nothing new, especially in the developed nations, but it’s a problem that India is slowly waking up to. The report adds that large-scale gathering of personal information and user-generated content opens consumers up to the risk of data misuse, abuse, and even compromise.
Kevin Jones252 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others. He holds prestigious certifications like OSWP, OSCP, ITIL. His goals in life are simple - to finish her maiden business venture on Cybersecurity, and then to keep writing books for as long as possibly can and never miss a flight that makes the news.