Major hacks in 2017 and what enterprises can expect from the threat landscape in 2018

Each December, security researchers make predictions for the following year, and they always seems to sound the same: attacks will increase, malware will be more sophisticated because hackers are upping their game, so IT executives must secure their infrastructure or else. So what can enterprises expect from the threat landscape in 2018?

No doubt 2017 was a really bad year, full of sophisticated security incidents. Let’s do a short recap of some of the massive exploits and data breaches this past year:

• WannaCry, a massive ransomware attack that affected millions of computers around the world.
• Petya/NotPetya/GoldenEye, a sophisticated ransomware campaign that leveraged the EternalBlue exploit used by WannaCry, targeting data destruction.
• The NSA was breached by hacker group The Shadow Brokers, leaking 100GB of confidential information and hacking tools.
• WikiLeaks Vault 7 leak, exposing top secret documentation and user guides for hacking tools used by the CIA.
• 198 million US voter records kept on an unsecured Amazon server were mistakenly leaked by Republican data analytics firm Deep Root Analytics.
• Due to a vulnerability, Cloudflare unwittingly leaked customer data from Uber, OKCupid and 1Password.
• Equifax hack that leaked personal information of 143 million clients, mostly from the US, but also the UK and Canada.
• Uber hid a data breach that affected personal information of 57 million users.
• Bell Canada was threatened by hackers with the leak of 1.9 million customer records. When the company refused to pay, some of the information was published online.
• Other hacks include universities and organizations affiliated with the US government, Deloitte and Virgin America.

As we enter a new age of data breaches, cyberattacks will get even more costly for enterprises. 2018 will be all about investing in data protection, especially in view of EU’s GDPR legislation, creating backups to reduce damage and, best case scenario, employee training sessions on best practices to prevent malware infections and reduce insider threats.

On the dark side, hackers will actively invest in improving their game and aggressively go after enterprises. According to Bitdefender researchers, besides a significant escalation of zero-day exploits, 2018 will see an important increase in advanced polymorphic malware. Due to its ability to change once disseminated, polymorphic malware can in certain cases bypass AV detection.

“Bitdefender experts also expect major changes in the PaaS (polymorphism as a service) market, a vertical that will consolidate throughout 2018,” says Bogdan Botezatu, Senior E-threat Analyst at Bitdefender.

“Advanced polymorphic engines running in the cloud are already used by cyber-criminals to flood the market with unique variants of known malware and the advantages they offer cyber-criminals are extraordinary. Licensing access to these custom engines will likely generate good business for these actors.”

Proven fairly profitable, ransomware is an example of polymorphic malware that will be prevalent in the upcoming year, alongside banker Trojans and cryptocurrency miners. Following major breaches of companies that ended up paying ransom, hackers understood enterprises would pay dearly in bitcoin to regain access to confidential information.

Although organizations are aware of the risks, they repeatedly fail at taking adequate security measures to protect critical data. Hackers will also take advantage of weak authentication methods, as two-factor authentication is hardly used.

2018 will be an important year for the Internet of Things. The number of threats is forecast to increase, as hackers will exploit documented but unpatched vulnerabilities in IoT devices, taking advantage of the manufacturers’ lack of interest in building in security.