Will 2019 go off with a bang?
It most certainly seems so, judging by Kaspersky Lab’s predictions for 2019. According to their experts, threat actors will go to new depths to carry out even more debilitating attacks.
Long Live APTs?
Not necessarily. Experts say big APTs are no more.
Advanced Persistent Threats will come from two groups: newcomers and veterans. The latter pose the greater threat since they are well-resourced and have the experience to explore new and more sophisticated techniques. These will be even harder to discover and attribute.
In the past few years, state-sponsored actors were the cause of many cyberattacks. Threat actors will now try their best to avoid the limelight they previously strove for. Without the big publicity stunts, they will go underground and try their hardest to stay under the radar to reduce the likelihood of being found out. Drawing on their access to resources, they will diversify their toolkits and practices, making detection and attribution harder.
In a new approach, tools specialised for targeting victims and causing as much damage as possible will be deployed. Threat actors can focus their activities on discreet botnet-style compromise or perform insidious attacks on selected targets.
The other group, the more energetic albeit inexperienced newcomers, will not pose as big a threat as the veterans. However, more from this group can be expected, because the low barriers to entry permit their proliferation. Newcomers can access a plethora of highly effective tools and re-engineer leaked exploits and frameworks, all of which are publicly available.
Interestingly, experts predict these groups will come predominantly from Southeast Asia and the Middle East.
Something Wicked This Way Comes
Five additional predictions were made. Everyone – from industry to individuals – will be affected. Many of these are intensifications of the previous year’s trends, leveraging the ever more interconnected digital world.
The trend of supply chain attacks will carry over from the past two years. In the past, these exploits have been highly successful. Damage was wreaked upon providers, causing everyone to think deeply about who they work with and how secure they are. Supply chain attacks will be an effective infection vector.
Secondly, IoT botnets will grow at an unstoppable rate. Over the years, IoT botnets have proliferated. Desensitisation to their presence should be warned against, and their ability to cause havoc should not be overlooked. The growing strength of IoT botnets can be extremely powerful in the wrong hands.
Additionally, mobile malware will be a mainstay. Many threat actors typically have a mobile component to their campaigns since the infection can be spread to a broad list of potential victims. Although experts predict no big outbreak in mobile-targeted malware, we should expect to see continuous activity and new ways for advanced attackers to gain access to a victim’s device.
End users are only set to become more vulnerable. With a steadily growing number of people on social media sites, data is readily available to be used against users. Recent large-scale data leaks from various social media sites help attackers improve the success of spear-phishing. Hence this infection vector is expected to gain importance.
Finally, public retaliation will characterise the industry. Heavily publicised attacks on private and public sector organisations have raised justice and public exposure of threat actors to a new level. The incited sentiments can create a wave of opinion to justify the need for more serious diplomatic consequences around the world.
Vicente Diaz, security researcher at Kaspersky Lab, said, “In 2018, threat actors have led to new paradigms. Public awareness has grown and expert investigations have highlighted big cyber-operations, making the topic front page news across the world. This will lead to a change in the cyber-landscape, as sophisticated threat actors seek silence and obscurity for their attacks in order to increase the likelihood of success. This shift makes the finding of new, large-scale, sophisticated operations very unlikely, and will definitely take the art of detection and attribution to the next level.”
A full list of predictions can be found on Securelist.