This year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018.

 

Other hard-to-block attacks, such as those involving high-end mobile malware are also set to rise as attackers resort to new tricks to breach increasingly well-protected targets.

 

The annual predictions are prepared by the company’s experts, drawing on the research and experience gained over the course of the year. For 2018, Kaspersky Lab has complemented the targeted threat predictions prepared by the Global Research and Analysis Team with a series of industry and technology threat predictions.

 

Top advanced targeted threat predictions for 2018

 

In 2017, supply chain attacks such as Shadowpad and ExPetya showed how easily third party software could be used to gain entry into enterprises. This threat is expected to increase in 2018 as some of the world’s most dangerous threat actors start adopting the approach as an alternative to watering hole techniques or because other attempts to break in have failed.

 

“Supply chain attacks have proven every bit as nightmarish as we had previously theorized. As advanced threat actors continue to gain access to vulnerable development companies, back-dooring of popular or regionally popular software will become an increasingly desirable attack vector. Supply chain attacks will allow attackers to successfully gain access to multiple enterprises in target sectors while flying under the radar of system administrators and security solutions alike,” said Juan Andres Guerrero-Saade, Principal Security Researcher, Global Research and Analysis Team.

 

Other targeted threat predictions for 2018 include:

  • More high-end mobile malware. Over the last couple of years, the security community has uncovered advanced mobile malware which, when combined with exploits constitute a powerful weapon against which there is little protection.
  • Destructive attacks will continue to rise. The Shamoon 2.0 and StoneDrill attacks reported in early 2017 and the June ExPetr/NotPetya attack revealed a growing enthusiasm for destructive wiper attacks.
  • More attacks will lead with reconnaissance and profiling to protect attackers’ most precious exploits. Attackers will spend more time on reconnaissance and using profiling toolkits such as ‘BeFF’ to determine if a less-costly, non-zero day exploit will do.
  • Sophisticated attacks will be found exploiting the bridge between the OS and firmware. The Unified Extensible Firmware Interface (UEFI) is the software interface between the firmware and the OS on modern PCs. Kaspersky Lab expects more threat actors will make use of UEFIs highly advanced capabilities to create malware that can be launched before any anti-malware solution, or even the OS itself, has had a chance to start.
  • More router and modem hacks. This well-known area of vulnerability has been largely ignored as a tool for advanced targeted attackers. They sit at a critical juncture for an attacker intent on gaining persistent and stealthy access to a network, and could even allow an attacker to hide their trail.

 

Alongside these advanced threat predictions, Kaspersky Lab’s industry and technology threat predictions aim to help some of the most connected sectors understand and prepare for the security challenges they could face over the 12 months ahead.

 

Top industry threat predictions for 2018 include:

  • Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection.
  • In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks.
  • In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars.
  • Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks, and are often exposed to the Internet.
  • Kaspersky Lab also expects to see targeted attacks on companies for the purpose of installing cryptocurrency miners — an in time this could become a more lucrative, long term business proposition than ransomware.

 

The full Kaspersky Lab Threat Predictions for 2018 are available on Securelist.

 

To look back at what the Kaspersky Lab experts expected to see for advanced targeted threats in 2017, please read.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Lenovo Continues Support for Youth Organizations, Named Exclusive Technology Partner Anew of TAYO Awards Foundation
Techworld Date Posted: 15 February 2018 5:13 PM | 221 Views
Lenovo, one of the world’s biggest technology companies, is once again the official technology partner of the Ten Accomplished Youth Organizations (TAYO) Awards Foundation, Inc.. See More
 
Lenovo Continues Support for Youth Organizations, Named Exclusive Technology Partner Anew of TAYO Awards Foundation
Techworld Date Posted: 5:13 PM | 221 Views
Lenovo, one of the world’s biggest technology companies, is once again the official technology partner of the Ten Accomplished Youth Organizations (TAYO) Awards Foundation, Inc.See More

 
ADATA and XPG to Showcase Latest Innovations at Computex Taipei 2018
Techworld Date Posted: 25 May 2018 3:27 PM | 280 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, today announced that it will be showcasing its latest products at Computex 2018 Taipei (Taipei Nangang Exhibition Center, 1F, booth I0608),.... See More
 
ADATA and XPG to Showcase Latest Innovations at Computex Taipei 2018
Techworld Date Posted: 3:27 PM | 280 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, today announced that it will be showcasing its latest products at Computex 2018 Taipei (Taipei Nangang Exhibition Center, 1F, booth I0608),...See More

 
Innovation Insights Defending Today’s OT Environments
Techworld Date Posted: 22 January 2018 2:27 PM | 222 Views
Operational Technology, or OT, including SCADA (supervisory control and data acquisition) and ICS (industrial control systems), is a system of hardware and software designed to monitor and/or control the physical devices, processes, and events.... See More
 
Innovation Insights Defending Today’s OT Environments
Techworld Date Posted: 2:27 PM | 222 Views
Operational Technology, or OT, including SCADA (supervisory control and data acquisition) and ICS (industrial control systems), is a system of hardware and software designed to monitor and/or control the physical devices, processes, and events...See More

 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 3 September 2018 5:14 PM | 171 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. . See More
 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 5:14 PM | 171 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. See More

 
Seven Ways to Ensure a Data Breach Does Not Happen to You
Techworld Date Posted: 12 September 2017 3:18 PM | 269 Views
By: Derek Manky Global Security Strategist,Fortinet 143 million. The number of US consumers potentially affected by the recently announced credit services data breach is staggering. It's nearly half the US population. And as a credit reporting.... See More
 
Seven Ways to Ensure a Data Breach Does Not Happen to You
Techworld Date Posted: 3:18 PM | 269 Views
By: Derek Manky Global Security Strategist,Fortinet 143 million. The number of US consumers potentially affected by the recently announced credit services data breach is staggering. It's nearly half the US population. And as a credit reporting...See More

 
Kaspersky Lab Announces Opening of New APAC Headquarters
Techworld Date Posted: 14 July 2017 2:17 PM | 200 Views
To support the expansion of its business in Asia Pacific, Kaspersky Lab today announces the opening of a new location in Singapore for its regional HQ. There are currently 37 Kaspersky Lab offices in 32.... See More
 
Kaspersky Lab Announces Opening of New APAC Headquarters
Techworld Date Posted: 2:17 PM | 200 Views
To support the expansion of its business in Asia Pacific, Kaspersky Lab today announces the opening of a new location in Singapore for its regional HQ. There are currently 37 Kaspersky Lab offices in 32...See More

 
Is Anxious the New Normal? Majority of Generation Z Admit to Feeling Anxious about Something in Their Daily Lives and Often Don’t Seek Advice to Help Them Cope with It
Techworld Date Posted: 15 January 2019 3:07 PM | 31 Views
A new Kaspersky Lab report has shown that Generation Z is the most anxious to date, with the vast majority of young people admitting they are worried about something in their lives, and the.... See More
 
Is Anxious the New Normal? Majority of Generation Z Admit to Feeling Anxious about Something in Their Daily Lives and Often Don’t Seek Advice to Help Them Cope with It
Techworld Date Posted: 3:07 PM | 31 Views
A new Kaspersky Lab report has shown that Generation Z is the most anxious to date, with the vast majority of young people admitting they are worried about something in their lives, and the...See More

 
Honeywell Awards Three Scholarships to Chemical Engineer Students in the Philippines
Techworld Date Posted: 7 November 2017 4:41 PM | 240 Views
Honeywell (NYSE: HON) announced today that it has awarded scholarships to three Filipino students majoring in chemical engineering at a leading university in Philippines, affirming Honeywell’s continued investment in building the future engineering talent.... See More
 
Honeywell Awards Three Scholarships to Chemical Engineer Students in the Philippines
Techworld Date Posted: 4:41 PM | 240 Views
Honeywell (NYSE: HON) announced today that it has awarded scholarships to three Filipino students majoring in chemical engineering at a leading university in Philippines, affirming Honeywell’s continued investment in building the future engineering talent...See More

 
DJI Introduces Mavic 2 Pro and Mavic 2 Zoom: A New Era for Camera Drones
Techworld Date Posted: 21 September 2018 9:10 AM | 127 Views
DJI, the world’s leader in civilian drones and aerial imaging technology, has introduced a new era for camera drones with two additions to its iconic Mavic series: Mavic 2 Pro, the world’s first drone.... See More
 
DJI Introduces Mavic 2 Pro and Mavic 2 Zoom: A New Era for Camera Drones
Techworld Date Posted: 9:10 AM | 127 Views
DJI, the world’s leader in civilian drones and aerial imaging technology, has introduced a new era for camera drones with two additions to its iconic Mavic series: Mavic 2 Pro, the world’s first drone...See More

 
Power Mac Center Launches App Development Contest for Kids
Techworld Date Posted: 12 December 2018 4:13 PM | 83 Views
Apple Authorized Training Provider Power Mac Center, in collaboration with Kids Can! Innovation Camp, launches emPOWER UP! Design a Better World: App Development Challenge for kids between 10-15 years old.. See More
 
Power Mac Center Launches App Development Contest for Kids
Techworld Date Posted: 4:13 PM | 83 Views
Apple Authorized Training Provider Power Mac Center, in collaboration with Kids Can! Innovation Camp, launches emPOWER UP! Design a Better World: App Development Challenge for kids between 10-15 years old.See More


Power by

Download Free AZ | Free Wordpress Themes