This year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018.

 

Other hard-to-block attacks, such as those involving high-end mobile malware are also set to rise as attackers resort to new tricks to breach increasingly well-protected targets.

 

The annual predictions are prepared by the company’s experts, drawing on the research and experience gained over the course of the year. For 2018, Kaspersky Lab has complemented the targeted threat predictions prepared by the Global Research and Analysis Team with a series of industry and technology threat predictions.

 

Top advanced targeted threat predictions for 2018

 

In 2017, supply chain attacks such as Shadowpad and ExPetya showed how easily third party software could be used to gain entry into enterprises. This threat is expected to increase in 2018 as some of the world’s most dangerous threat actors start adopting the approach as an alternative to watering hole techniques or because other attempts to break in have failed.

 

“Supply chain attacks have proven every bit as nightmarish as we had previously theorized. As advanced threat actors continue to gain access to vulnerable development companies, back-dooring of popular or regionally popular software will become an increasingly desirable attack vector. Supply chain attacks will allow attackers to successfully gain access to multiple enterprises in target sectors while flying under the radar of system administrators and security solutions alike,” said Juan Andres Guerrero-Saade, Principal Security Researcher, Global Research and Analysis Team.

 

Other targeted threat predictions for 2018 include:

  • More high-end mobile malware. Over the last couple of years, the security community has uncovered advanced mobile malware which, when combined with exploits constitute a powerful weapon against which there is little protection.
  • Destructive attacks will continue to rise. The Shamoon 2.0 and StoneDrill attacks reported in early 2017 and the June ExPetr/NotPetya attack revealed a growing enthusiasm for destructive wiper attacks.
  • More attacks will lead with reconnaissance and profiling to protect attackers’ most precious exploits. Attackers will spend more time on reconnaissance and using profiling toolkits such as ‘BeFF’ to determine if a less-costly, non-zero day exploit will do.
  • Sophisticated attacks will be found exploiting the bridge between the OS and firmware. The Unified Extensible Firmware Interface (UEFI) is the software interface between the firmware and the OS on modern PCs. Kaspersky Lab expects more threat actors will make use of UEFIs highly advanced capabilities to create malware that can be launched before any anti-malware solution, or even the OS itself, has had a chance to start.
  • More router and modem hacks. This well-known area of vulnerability has been largely ignored as a tool for advanced targeted attackers. They sit at a critical juncture for an attacker intent on gaining persistent and stealthy access to a network, and could even allow an attacker to hide their trail.

 

Alongside these advanced threat predictions, Kaspersky Lab’s industry and technology threat predictions aim to help some of the most connected sectors understand and prepare for the security challenges they could face over the 12 months ahead.

 

Top industry threat predictions for 2018 include:

  • Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection.
  • In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks.
  • In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars.
  • Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks, and are often exposed to the Internet.
  • Kaspersky Lab also expects to see targeted attacks on companies for the purpose of installing cryptocurrency miners — an in time this could become a more lucrative, long term business proposition than ransomware.

 

The full Kaspersky Lab Threat Predictions for 2018 are available on Securelist.

 

To look back at what the Kaspersky Lab experts expected to see for advanced targeted threats in 2017, please read.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Nokia Mobile Introduces Edge-to-Edge Smartphone Experience
Techworld Date Posted: 16 October 2018 4:05 PM | 70 Views
HMD Global, the home of Nokia phones, has announced the availability of the Nokia 6.1 Plus and the Nokia 5.1 Plus in the Philippines.. See More
 
Nokia Mobile Introduces Edge-to-Edge Smartphone Experience
Techworld Date Posted: 4:05 PM | 70 Views
HMD Global, the home of Nokia phones, has announced the availability of the Nokia 6.1 Plus and the Nokia 5.1 Plus in the Philippines.See More

 
PLDT, Smart Unlock Amazing Digital Experiences Powered by PH’s Fastest Network
Techworld Date Posted: 7 November 2018 3:57 PM | 47 Views
Fresh from their latest recognition as the Philippine’s fastest fixed and mobile networks, leading digital services provider PLDT Inc. and its mobile arm Smart Communications are ushering in a new wave of innovative products.... See More
 
PLDT, Smart Unlock Amazing Digital Experiences Powered by PH’s Fastest Network
Techworld Date Posted: 3:57 PM | 47 Views
Fresh from their latest recognition as the Philippine’s fastest fixed and mobile networks, leading digital services provider PLDT Inc. and its mobile arm Smart Communications are ushering in a new wave of innovative products...See More

 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 9 May 2018 5:04 PM | 160 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline.... See More
 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 5:04 PM | 160 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline...See More

 
ASUS Republic of Gamers Bundles the Best Games and Gears This Holiday Season!
Techworld Date Posted: 25 November 2017 4:58 PM | 251 Views
As the season of giving draws near, ASUS Republic Of Gamers (ROG) is first to gift its loyal customers additional reasons to upgrade their DIY PC systems. Dubbed as the Merry Strixmas promo, ROG.... See More
 
ASUS Republic of Gamers Bundles the Best Games and Gears This Holiday Season!
Techworld Date Posted: 4:58 PM | 251 Views
As the season of giving draws near, ASUS Republic Of Gamers (ROG) is first to gift its loyal customers additional reasons to upgrade their DIY PC systems. Dubbed as the Merry Strixmas promo, ROG...See More

 
Hidden Miners on Google Play
Techworld Date Posted: 11 April 2018 4:48 PM | 347 Views
  Kaspersky Lab’s researchers have discovered that more and more cyber criminals are turning their attention to malicious software that mines cryptocurrencies at the expense of users’ mobile devices. These criminals are getting greedier.... See More
 
Hidden Miners on Google Play
Techworld Date Posted: 4:48 PM | 347 Views
  Kaspersky Lab’s researchers have discovered that more and more cyber criminals are turning their attention to malicious software that mines cryptocurrencies at the expense of users’ mobile devices. These criminals are getting greedier...See More

 
Online Financial Cybercrime Victims Struggle to Recover All Their Lost Money
Techworld Date Posted: 31 January 2017 3:29 AM | 288 Views
Each year thousands of Internet users become victims of a cybercrime that leaves them out of pocket.. See More
 
Online Financial Cybercrime Victims Struggle to Recover All Their Lost Money
Techworld Date Posted: 3:29 AM | 288 Views
Each year thousands of Internet users become victims of a cybercrime that leaves them out of pocket.See More

 
Youth Congress for IT Harnesses the Boundless Potential of Technology and the Youth with AWS Educate
Techworld Date Posted: 21 September 2018 3:46 PM | 133 Views
The 16th Youth Congress for Information Technology (Y4IT), an enabling event recognizing young Filipinos as key drivers of the IT industry’s continued advancement, is set to happen on September 24 to 26, 2018 at.... See More
 
Youth Congress for IT Harnesses the Boundless Potential of Technology and the Youth with AWS Educate
Techworld Date Posted: 3:46 PM | 133 Views
The 16th Youth Congress for Information Technology (Y4IT), an enabling event recognizing young Filipinos as key drivers of the IT industry’s continued advancement, is set to happen on September 24 to 26, 2018 at...See More

 
Where the Stories of Successful People in IT Overlap
Techworld Date Posted: 18 January 2017 3:55 PM | 246 Views
Success stories are inspiring. They point us toward what might we experience on our way to our own success, leading us to our own stories,. See More
 
Where the Stories of Successful People in IT Overlap
Techworld Date Posted: 3:55 PM | 246 Views
Success stories are inspiring. They point us toward what might we experience on our way to our own success, leading us to our own stories,See More

 
UBTECH OPENS ROBOTICS SUMMER WORKSHOP
Techworld Date Posted: 8 May 2018 3:07 PM | 206 Views
The introduction and availability of programmable robots (Robotics) at brickand-mortar stores are still unrecognizable. For most, these robots are too expensive for a “toy” without even exploring its value and benefits to their kids,.... See More
 
UBTECH OPENS ROBOTICS SUMMER WORKSHOP
Techworld Date Posted: 3:07 PM | 206 Views
The introduction and availability of programmable robots (Robotics) at brickand-mortar stores are still unrecognizable. For most, these robots are too expensive for a “toy” without even exploring its value and benefits to their kids,...See More

 
There’s still time! Avail the Best Gaming Notebook This Holiday Season
Techworld Date Posted: 16 December 2017 4:43 PM | 224 Views
Only few days left for you to take advantage of this Christmas treat. MSI got you covered with up to P15,000 cash discount plus premium items as freebies upon purchase on select models. . See More
 
There’s still time! Avail the Best Gaming Notebook This Holiday Season
Techworld Date Posted: 4:43 PM | 224 Views
Only few days left for you to take advantage of this Christmas treat. MSI got you covered with up to P15,000 cash discount plus premium items as freebies upon purchase on select models. See More


Power by

Download Free AZ | Free Wordpress Themes