Ransomware lost its spot as the number one cyberthreat to consumers and enterprises during the first half of 2018, after topping the list for years. Despite being somewhat outpaced by cryptojackers, though, ransomware has made a rapid recovery, showing that file-encrypting malware is here to stay. And all signs point to a 2019 riddled with emerging new threats.
At Bitdefender, December is a forward-looking month, one that we devote to sharing our forecast for the year to come. So without further ado, here are our top 10 predictions for the cybersecurity space in 2019 (and beyond).
The most profitable form of malware, ransomware remains a constant threat. We still record copious numbers of infections daily, but the good news is ransomware is no longer growing – it’s plateauing. One reason is already well documented: ransomware has taken a back seat to cryptojacking in the past year as bad actors developed a taste for stealing computing power to generate digital currency while flying under the radar. But an even heftier factor behind ransomware’s stagnation is the emergence of dedicated solutions aimed directly at thwarting this form of malware. There will always be new versions of ransomware, some more complex than others and some harder to catch, but we don’t expect ransomware to take on much bigger proportions. At least not bigger than in the past year.
Internet of Things (IoT)
We expect more attacks leveraging Internet of Things (IoT) / smart / connected devices. As lawmakers scramble to come up with a way to regulate the IoT space, attackers will continue to capitalize on their inherent weaknesses. Hackers are becoming better at hijacking IoT products like baby monitors, surveillance cams and other home appliances. And connected medical devices are far from safe either. In fact, body implants that support wireless connectivity may lead to the first ransomware attacks where you need to pay or die. Sound wild? Just remember that, in 2013, former US Vice President Dick Cheney asked his doctors to disable the wireless function in his pacemaker to thwart the potential of terrorists hacking it.
In another noteworthy trend in the IoT landscape, manufacturers are jumping on the cellular bandwagon, gradually moving their IoT devices from Wi-Fi to LTE and from IPv4 to IPv6. While this shift promises increased security, it will likely open up a new can of worms since it’s relatively new ground for the IoT ecosystem.
macOS attacks on the rise
Apple’s share of the desktop market is rising, and malware designed to infect Macs is growing along with it. We project an increase in the number of attacks targeting Mac users, something we are already beginning to see in our internal telemetry. Our data shows not just new macOS-specific malware, but also macOS-specific mechanisms and tools designed to capitalize on Macs post-breach. We’ve already seen this in past APTs that housed Mac-specific components.
Macros and fileless attacks
Attacks leveraging Microsoft Office macros will also increase in number and scope. Macros are a feature, not a bug, as the old adage goes, which makes them the perfect bait for victims prone to social engineering scams – where the attacker convinces the victim to essentially partake in their own abuse.
We expect fileless attacks – such as those leveraging PowerShell and other system-bound tools like gen reg, mshta, etc. – to also increase in scope in the year to come.
Potentially unwanted applications (PUA) and cryptojacking
Potentially unwanted applications (PUA), including adware, don’t pose a tremendous threat in and of themselves, but they’re not innocent either. For example, you could download a seemingly legitimate application not knowing it’s bundled with a crypto miner or even malware.
Finally, we can expect a shift from drive-by downloads of malware to full-blown drive-by mining. In other words, attackers will use web-mining APIs that perform crypto-mining directly in the user’s browser, instead of exploit kits that download malware onto the victim’s computer.
Combating invisible threats
Network-level exploits will enter the limelight next year, and they will likely be hyped by social media, if history is any indication. And researchers will have to devote considerable resources to analyzing hardware-based implants, hardware backdoors, and hardware design flaws, as well as supply chain compromises in software.
APTs targeting banks
We expect advanced persistent threats to continue emerging, with a renewed focus on the banking sector, reminiscent of the Carbanak group making headlines in 2014 for using an APT-style campaign to steal money from banks. The malware was reportedly introduced via phishing emails, with the hackers said to have stolen hundreds of millions of dollars not only from banks, but from more than a thousand private customers as well.
GDPR to show its fangs
Here’s a positive prediction for a change: Thanks to the EU’s renewed effort to protect personally identifiable information – in the form of the General Data Protection Regulation that took effect in May this year – we should expect fewer “credential leaks” to occur, or at the very least make headlines. Security incidents will be more thoroughly contained at an organization level in an effort to avoid penalties that could force a business into bankruptcy. Remember that the GDPR can dish out fines of up to 4% of the victim’s annual turnover, which can translate into hundreds of millions and even billions of dollars in the case of large enterprises and corporations.
Election interference in Europe
2019 is the year Europe elects Members of the European Parliament. If recent developments in the U.S. are any indication, we should expect turmoil in Europe, including state-sponsored attacks on voting systems, social media propaganda, and other forms of “meddling.” If a few years ago these acts were merely rumored to be occurring, events in the past two years alone confirm that the world’s leading powers will stop at nothing to influence their adversaries’ political outcomes.
A shift towards mobile attacks
Fintech services are paving the way to a very profitable new trend for hackers. The more money and integration with traditional banking systems, the more attention they will get from cybercrooks who will likely develop new threats targeting these specific services in 2019.