2018 to be another 'brutal' year for cyber threats
After a ‘brutal’ year for cyber threats in 2017, the threat landscape is likely to continue to evolve in 2018, with new and evolving techniques arising to challenge security teams, according to Malwarebytes.
The company has made a series of cybersecurity predictions for the coming year, including a further rise in browser-based ‘cryptojacking’ and in PowerShell-based attacks.
Malwarebytes CEO Marcin Keczynski said the emergence of WannaCry and Petya as well as the unprecedented scale of data breaches such as the massive Equifax hack meant 2017 was a particularly rough year.
“Our Labs’ findings show no signs of a slowdown in 2018. Hacker tools and techniques are increasing in sophistication and accessibility,” he said.
“We are seeing a new army of cybercriminals coalesce, lured by inexpensive tools and the promise of an easy profit — often publicised and glorified in the media. The forthcoming attacks will require more cybersecurity training, increased education and awareness, and a multilayered approach to business and personal security.”
The report predicts that the cryptojacking gold rush will be a top priority for cybercriminals in 2018. Towards the end of this year there has been an explosion in the number of websites that unwittingly turn visitors’ computers into cryptocurrency miners.
Malwarebytes is also predicting an increase in PowerShell script-based attacks that are difficult to identify and can easily evade antivirus engines, as well as a rise in the use of worms to launch malware as a result of the success of the WannaCry campaign.
The cybercriminal underground is expected to continue to evolve as savvy hackers sell cybercrime as a service. These criminals are expected to target and exploit more security software in the wake of the incident involving attackers exploiting Kaspersky Lab software to steal classified data from a US NSA contractor.
Educational institutions are also likely to become a prime target for attack as cybercriminals seek out poorly protected networks to infiltrate.
Finally, Malwarebytes expects the emerging Internet of Things to create additional data security concerns, particularly now that medical devices are able to connect directly to the internet.
Australia's Notifiable Data Breach legislation came into effect today, leaving Australian...
With the Notifiable Data Breach scheme about to start, two OAIC guides detail the steps to take...
Gartner urges a multistage approach to dealing with the new class of security vulnerability...