This year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018.

 

Other hard-to-block attacks, such as those involving high-end mobile malware are also set to rise as attackers resort to new tricks to breach increasingly well-protected targets.

 

The annual predictions are prepared by the company’s experts, drawing on the research and experience gained over the course of the year. For 2018, Kaspersky Lab has complemented the targeted threat predictions prepared by the Global Research and Analysis Team with a series of industry and technology threat predictions.

 

Top advanced targeted threat predictions for 2018

 

In 2017, supply chain attacks such as Shadowpad and ExPetya showed how easily third party software could be used to gain entry into enterprises. This threat is expected to increase in 2018 as some of the world’s most dangerous threat actors start adopting the approach as an alternative to watering hole techniques or because other attempts to break in have failed.

 

“Supply chain attacks have proven every bit as nightmarish as we had previously theorized. As advanced threat actors continue to gain access to vulnerable development companies, back-dooring of popular or regionally popular software will become an increasingly desirable attack vector. Supply chain attacks will allow attackers to successfully gain access to multiple enterprises in target sectors while flying under the radar of system administrators and security solutions alike,” said Juan Andres Guerrero-Saade, Principal Security Researcher, Global Research and Analysis Team.

 

Other targeted threat predictions for 2018 include:

  • More high-end mobile malware. Over the last couple of years, the security community has uncovered advanced mobile malware which, when combined with exploits constitute a powerful weapon against which there is little protection.
  • Destructive attacks will continue to rise. The Shamoon 2.0 and StoneDrill attacks reported in early 2017 and the June ExPetr/NotPetya attack revealed a growing enthusiasm for destructive wiper attacks.
  • More attacks will lead with reconnaissance and profiling to protect attackers’ most precious exploits. Attackers will spend more time on reconnaissance and using profiling toolkits such as ‘BeFF’ to determine if a less-costly, non-zero day exploit will do.
  • Sophisticated attacks will be found exploiting the bridge between the OS and firmware. The Unified Extensible Firmware Interface (UEFI) is the software interface between the firmware and the OS on modern PCs. Kaspersky Lab expects more threat actors will make use of UEFIs highly advanced capabilities to create malware that can be launched before any anti-malware solution, or even the OS itself, has had a chance to start.
  • More router and modem hacks. This well-known area of vulnerability has been largely ignored as a tool for advanced targeted attackers. They sit at a critical juncture for an attacker intent on gaining persistent and stealthy access to a network, and could even allow an attacker to hide their trail.

 

Alongside these advanced threat predictions, Kaspersky Lab’s industry and technology threat predictions aim to help some of the most connected sectors understand and prepare for the security challenges they could face over the 12 months ahead.

 

Top industry threat predictions for 2018 include:

  • Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection.
  • In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks.
  • In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars.
  • Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks, and are often exposed to the Internet.
  • Kaspersky Lab also expects to see targeted attacks on companies for the purpose of installing cryptocurrency miners — an in time this could become a more lucrative, long term business proposition than ransomware.

 

The full Kaspersky Lab Threat Predictions for 2018 are available on Securelist.

 

To look back at what the Kaspersky Lab experts expected to see for advanced targeted threats in 2017, please read.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Cebu Pacific’s GetGo Partners with CuroTek for Contact Center Services, Improved Customer Experience
Techworld Date Posted: 27 December 2018 2:13 PM | 158 Views
CuroTek (Curo Teknika, Inc.), the country’s preferred Managed IT Services and Contact Center partner of market-leading enterprises, recently penned a partnership with Cebu Pacific to provide Managed Omni Channel Contact Center Services to. See More
 
Cebu Pacific’s GetGo Partners with CuroTek for Contact Center Services, Improved Customer Experience
Techworld Date Posted: 2:13 PM | 158 Views
CuroTek (Curo Teknika, Inc.), the country’s preferred Managed IT Services and Contact Center partner of market-leading enterprises, recently penned a partnership with Cebu Pacific to provide Managed Omni Channel Contact Center Services toSee More

 
Get First Dibs to Early Christmas Treats with Lazada’s Online Revolution Sale
Techworld Date Posted: 2 November 2017 3:19 PM | 547 Views
It is the happiest time of the year again. Christmas starts early in the Philippines, and Lenovo and Motorola join Filipinos young and old in welcoming Christmas season 2017 with an early Christmas treat.... See More
 
Get First Dibs to Early Christmas Treats with Lazada’s Online Revolution Sale
Techworld Date Posted: 3:19 PM | 547 Views
It is the happiest time of the year again. Christmas starts early in the Philippines, and Lenovo and Motorola join Filipinos young and old in welcoming Christmas season 2017 with an early Christmas treat...See More

 
Data for Nothing: Fraudsters Use Fake Gift Cards to Lure Consumers into Handing Over Personal Data
Techworld Date Posted: 23 July 2018 2:37 PM | 437 Views
Kaspersky Lab experts have discovered the distribution of an unusual fraudulent scheme that tricks users into parting with their time and their data, for no return.. See More
 
Data for Nothing: Fraudsters Use Fake Gift Cards to Lure Consumers into Handing Over Personal Data
Techworld Date Posted: 2:37 PM | 437 Views
Kaspersky Lab experts have discovered the distribution of an unusual fraudulent scheme that tricks users into parting with their time and their data, for no return.See More

 
Lenovo Opens 20th Concept Store in the Philippines
Techworld Date Posted: 30 July 2018 3:47 PM | 494 Views
Lenovo, the world’s leading PC manufacturer, recently opened its 20th concept store in the Philippines and the second one in Cebu City, located at the third floor of Ayala Center Cebu.. See More
 
Lenovo Opens 20th Concept Store in the Philippines
Techworld Date Posted: 3:47 PM | 494 Views
Lenovo, the world’s leading PC manufacturer, recently opened its 20th concept store in the Philippines and the second one in Cebu City, located at the third floor of Ayala Center Cebu.See More

 
APAC IT Leaders Should Cultivate Situational Awareness to Thwart Cyber Threats
Techworld Date Posted: 26 July 2017 2:56 PM | 241 Views
Fortinet, a global leader in high-performance cyber security solutions, today advised IT leaders in Asia Pacific to hone their situational awareness skills in order to better defend their organizations against cyber threats. Human beings are.... See More
 
APAC IT Leaders Should Cultivate Situational Awareness to Thwart Cyber Threats
Techworld Date Posted: 2:56 PM | 241 Views
Fortinet, a global leader in high-performance cyber security solutions, today advised IT leaders in Asia Pacific to hone their situational awareness skills in order to better defend their organizations against cyber threats. Human beings are...See More

 
PLDT Home Brings PH’s First All-in-One Video-on-demand, Pay TV and Free Channels Streaming Device
Techworld Date Posted: 9 August 2017 2:35 PM | 284 Views
PLDT Home continues to prove why it is the country's digital services leader with its next-generation entertainment device: the Roku PoweredTM TVolution. Developed in partnership with Roku, the Silicon Valley corporation that pioneered the concept.... See More
 
PLDT Home Brings PH’s First All-in-One Video-on-demand, Pay TV and Free Channels Streaming Device
Techworld Date Posted: 2:35 PM | 284 Views
PLDT Home continues to prove why it is the country's digital services leader with its next-generation entertainment device: the Roku PoweredTM TVolution. Developed in partnership with Roku, the Silicon Valley corporation that pioneered the concept...See More

 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 30 September 2017 9:58 AM | 225 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.. See More
 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 9:58 AM | 225 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.See More

 
From Careless to Careful: Top Tips to Secure BYOD in the Workplace
Techworld Date Posted: 20 October 2018 9:06 AM | 111 Views
On the heels of the latest breaches against widely-used online platforms Facebook and Google that affected millions of users worldwide, Kaspersky Lab today puts the spotlight on the role of employees in keeping companies.... See More
 
From Careless to Careful: Top Tips to Secure BYOD in the Workplace
Techworld Date Posted: 9:06 AM | 111 Views
On the heels of the latest breaches against widely-used online platforms Facebook and Google that affected millions of users worldwide, Kaspersky Lab today puts the spotlight on the role of employees in keeping companies...See More

 
Synology® Introduces DiskStation DS418j
Techworld Date Posted: 15 August 2017 3:07 PM | 345 Views
Synology Inc. launched in Taiwan the new DiskStation DS418j, a budget-friendly 4-bay NAS server designed to help home and individual users to manage, protect and share data effectively. DS418j is powered by a brand-new 64-bit.... See More
 
Synology® Introduces DiskStation DS418j
Techworld Date Posted: 3:07 PM | 345 Views
Synology Inc. launched in Taiwan the new DiskStation DS418j, a budget-friendly 4-bay NAS server designed to help home and individual users to manage, protect and share data effectively. DS418j is powered by a brand-new 64-bit...See More

 
Symantec a Leader in Gartner Magic Quadrant for Secure Web Gateways for the 11th Consecutive Time
Techworld Date Posted: 28 December 2018 4:17 PM | 108 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced that it has been named by Gartner, Inc. as a Leader in the 2018 Magic Quadrant for Secure Web Gateways. . See More
 
Symantec a Leader in Gartner Magic Quadrant for Secure Web Gateways for the 11th Consecutive Time
Techworld Date Posted: 4:17 PM | 108 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced that it has been named by Gartner, Inc. as a Leader in the 2018 Magic Quadrant for Secure Web Gateways. See More


Power by

Download Free AZ | Free Wordpress Themes