McAfee released his Threats Prediction Report for 2019. It identifies various cyber security trends for 2019 and looks at how these trends will shape the threat landscape in 2019. Malware as a service is expected to gain in popularity, making attack methods more innovative and agile.
Company data and reputations and IoT devices in the home are becoming increasingly vulnerable as cybercriminals use social media, the cloud and mobile phones for attacks. In 2018 we saw that cybercriminals are increasingly working together in underground networks, says Raj Samani, chief scientist at McAfee.
The cooperation of cybercriminals means that technologies and tactics are being shared more and more efficiently underground. According to Samani, this creates organised and agile criminal organisations. And although these collaborations will be seen in 2019 and will also have consequences, the cooperation between important parties in the field of security in particular is also becoming increasingly effective.
As security gets better and better, attackers also need to become more inventive. The availability of modular attack components on the underground market allows attackers to combine recognized tactics and technologies to achieve new goals. As such, mobile malware, botnets, bank fraud, ransomware, and attempts to bypass two-factor authentication are expected to grow in 2019.
While companies are increasingly using AI to improve security, cybercriminals are also seeing the benefits of this for their activities. The availability of technology such as AI-as-a-service allows cybercriminals to develop attacks that are increasingly difficult to detect. Thanks to AI, cybercriminals have the opportunity to automate target selection, scan a potential target network for weaknesses, and investigate the responsiveness of infected networks. This prevents them from being detected before they start the next stages of an attack.
There are also increasingly large campaigns to extort companies. The expectation is therefore a growth of super-threats to increase the success of a cyber-attack. Criminals then combine multiple types of attacks to bypass defenses. Think of a combination of phishing, stegware and fileless malware to launch a multi-purpose attack.
More complex goals
As cybercriminals have more and more effective tactics and strategies at their disposal, they can focus their attacks on broader and more complex targets. In 2019, this will include intellectual property, the Internet of Things (IoT) in the home and identity data in the cloud, on mobile phones and on social media.
McAfee also predicts significant growth in targeted attacks on the vast amounts of corporate data now in the cloud. Sun 21% of the data currently managed in the cloud contains sensitive information such as intellectual property, customer and personal data. Possible scenarios for such attacks include cloud-native attacks targeting weak WPIs or unmanaged API endpoints, extensive exploration and extraction of data from cloud databases, and use of the cloud as a springboard for cloud-native man-in-the-middle attacks to perform cryptojacking or ransomware attacks.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.