Cybercrime Trends 2018: Seven misconceptions that can expose companies to a risk of cybercrime

Cybercrime

Every day, whether at the personal level or at the corporate level, we are exposed to threats from the cyber space. In most cases, we are not even aware of these threats, or even if we know them, we do not make the right decision.
The global cyber threat situation has never been as unpredictable as in 2017, which has set a cybercrime as a record year of ransomware and a breakthrough in crypto-currency-miner attacks. As the ransomware is the fastest growing security threat, known as a moderate or extreme threat by 80% of cybersecurity professionals. Industry experts predicts that, in 2018, this number will continue to increase together with more threats will be added to the known threats. A survey conducted by Veriato Information Security highlighted that Email and web use represent the most common reason of ransomware infection with employees opening malicious email attachments (73%), responding to a phishing email (54%) or visiting a compromised website (28%).
75% of worldwide organizations touched by ransomware experienced up to 5 attacks in the last 12 months alone, 25% experienced 6 or more attacks. The information most at risk from ransomware attacks is financial data (62%)followed by customer information (61%). With such high risk, 59% of organizations are yet not confident at all in their ransomware defence.

Here are the most important cybercrime trends 2018 that industry experts have analysed:

 

Criminals will remain loyal to most successful malware

 

WannaCry, NotPetya, BadRabbit, the year 2017 has been marked by major attacks on a global scale based mainly on a security breach named EternalBlue. Today, even if this new wave of malware reveals new patterns of attacks, criminals will remain loyal to the most malicious malware: ransomware, financial data, and digital currency crimes. However, the way these threats are used currently will change. Ransomware, for example, will use more sophisticated and future GPU performance, instead of CPU, for encryption purposes. The purpose of using GPU technology is that the attack will unfold hundreds of times faster than previously seen, making it increasingly difficult for antimalware tools catch and block the spreading ransomware.

 

Windows 10 is becoming a popular target for cyber-attacks

 

Windows 10 is becoming universal and therefore more interesting as a cyber-crime destination. The platform also supports Powershell and Linux Bash. Criminals will increasingly use spam e-mail attacks without file attachments, written in PERL and Python.

 

The growing threat of bots on social networks

 

In recent years, attacks on social networks have developed and cybercriminals refine their approach: creation of fake accounts, imitation of brands, etc. For the coming year, bots represent a new way to generate malware or create links to spam sites to extract confidential and financial information from users. In 2017, experts have seen a 20% increase in pirated content on social networks and say that this growth will be constant in 2018.

 

Criminal’s focus on med-big companies

 

After years of focusing on individuals, malware writers will increasingly target businesses and computer networks. Password grabbing programs such as facial expressions or the exploitation of worm vulnerabilities will become the standard for many malware samples.

 

IoT botnets continue to evolve

 

Large IoT botnets will become the new normal in 2018. The source code for IoT bots is free on the net. Criminal groups that want to make massive attacks with IoT devices have a solid platform that they can tailor to their own needs. Experts believe that this code will be further improved in 2018 to allow ransom or spam delivery through compromised networks

 

More attacks on OS X.

 

Last but not least, more attacks on the OS X area, so Macs are expected. We all know that in terms of cyber-security Apple computers and devices are now at similar risk from cyber-attacks as any other manufacturer’s computers and devices. Since around 2010, Apple OSX and iOS computers and devices have been increasingly subject to successful cyber-attacks, year on year, and the attacks are increasingly serious. For consumers, however, malware will likely focus on scareware tactics to force victims to pay for useless tools.

 

Firmware vulnerabilities open secret backdoor

 

In 2018, criminal actors will also again scan individual components of devices for vulnerabilities that are below the level of the operating system, e.g. Firmware. The individual Wi-Fi and Bluetooth stacks receive increased attention, as all the potential vulnerabilities that have already been identified provide a secret backdoor that is very difficult to detect and secure.