Learning for CyberSecurity, CyberCriminals
Over the past year. But with the presentation of the performance of the previous year, cyber-security companies have long been publishing their own forecasts for the new year.
We will be in the last days of 2018, and experts will provide estimates of the performance of companies and technology managers over the past year. But with the presentation of the performance of the previous year, cyber-security companies have long been publishing their forecasts for the new year.
In the following, we are going to look at some of the predictions made by some of the key actors in the arena:
1. Extract virtual currency in the browser (or cryptojacking)
Of course, crypto-jumping was among the most significant cyber threats in the late 2017 and early 2018, but declined over the course of the year, and there was no news about it, except for some of the campaigns that were launched by devices weaker in the Internet.
Another point is that due to the decline in the value of virtual currencies, the profit generated by this work was not as high as it was expected, and this may be due to the fact that traffic to the Coinhive site has fallen sharply in recent months, and interestingly, another website The name CoinIMP, which was considered to be its rival, was able to capture a huge amount of traffic.
So, according to forecasts in the new year, we will see fewer campaigns for injection of virtual currency extraction tools into content management systems, and instead we will face further tightening of other Internet threats.
2. Internet Scammers
According to Yonathan Klijnsma, senior research center for Internet threats at the RiskIQ center, Internet skimmers were among the most dangerous threats in 2018 and, as expected, will face the threat in the new year.
He predicted that the new year will see the emergence of new types of attacks. Of course, payment information is still at the forefront of attention, and this is due to the fact that in the Skye attacks, any information that is provided to a website is extracted from it. Experts also predict that skimmers in the new year, in addition to payment information, will go to users’ identity and logon information as well as other sensitive information.
Botnet can represent a lot of things, but in this context, botnets made from routers and Internet devices are objects that, according to Ankit Anubhav, a senior researcher at NewSky Internet Security Company, was primarily responsible for DDoS attacks and then to create Traffic traffic is used.
According to him, Internet Threat Things in 2019 are likely to expand in a variety of ways, such as extracting virtual currency within a browser or proxy switches. However, malware and various versions of it used in DDoS attacks will not disappear from the screen because they are still popular among hackers.
The researcher also predicted that botnets will no longer only infect machines due to SSH and Telnet attacks, which is due to the fact that the infected routers and Internet devices are saturated with other objects. Experts believe that new botnets are being developed by exploiting vulnerabilities.
A vulnerability can be used for infecting Internet objects that are not publicly available for a while, in addition to the fact that white hat patters put botnets on the Internet under suspicious circumstances. Therefore, it is anticipated that in the new year, we will see more techniques for Honeypot attacks or data encryption.
4- DDoS attacks
DDoS attacks have a long history of Internet threats, but companies still face the challenge of protecting their online assets.
According to Troy Mursch of the Bad Packets security firm, hackers are currently using protocols for DDoS attacks. In his talk of the CoAP protocol, he mentioned the next big event in the DDoS attacks.
5. Software Bundle
Rarities are also among the oldest threats to the Internet, which, according to some reports, are lately a bearish trend, or at least their widespread distribution campaigns are less visible.
Chester Wisniewski, Chief Executive Officer at Sophos, in his predictions for the new year, has come to the conclusion that ransom will be more targeted, and the hackers they use will focus solely on major goals such as government agencies and massive businesses. ; In fact, there are entities that are willing to make money on these bills.
Developers of these ransomware actually have the same function as penetrating tester, which is looking for weakened vulnerabilities and entry points. But unlike cybercriminals, cybercriminals work in their systematic manner to maximize damage.
But bundling is a great way to make money. For example, SamSam vendor vendors managed to earn $ 6.7 million in revenue over a period of approximately three years. In the new year, it is also expected to see other similar attacks through this malware. Particularly the Matrix, which regularly comes up with new releases, and Ryuk, designed for large organizations, will be more active in the new year than ever before.
6. Financial crimes
In relation to financial crimes, which in fact refers to cybercrime against banks, it might be worth mentioning the Kaspersky Lab report on “Cyber Threats against Financial Institutions in 2019,” and since it usually reviews financial crimes in The cyber arena may well be the most credible report.
The emergence of new local groups aimed at attacking financial institutions in the Indian-Pakistan region, Southeast Asia and Central Europe. To date, the focus has been on the Soviet-Latin American region.
Changing the focus of old cybercrime crimes from PoS malware to internet skyscrapers (because collecting payment cards from websters is far easier than creating PoS malware and infecting victims with their help).
Attacking Mobile Banking to Access Business User Information
Implementing advanced social engineering campaigns targeting operators, secretaries, and other network staff at companies. In these cases, hackers will use the disclosure to penetrate their networks.
Cloud servers will face more problems this year than in the year 2019. Of course, cloud servers have slowly become the target for virtual trojan extraction since the start of the year, but they are expected to increase sharply next year. The reason for this is virtual currencies that continue to be profitable, despite falling their value.
Jefferson’s vice president of cladding at Barracuda Networks says:
Cyber criminals will be smarter in using weakened accounts and will use methods that will be more difficult to track. Instead of using a high volume of a new source for extracting virtual currencies, they use resources that have been approved before. I predict that such attacks will increase next year.
8. Email attacks
The new year will start shortly, but that does not mean that hackers stop using old techniques. Therefore, email spam will continue to occur on a daily basis. Of course, spammers do not increase or decrease, and the reason is that they have remained steady for years.
But what experts are seeing is the rise of social engineering attacks, also called BECs.
The FireEye security company reported in its 2019 forecast:
We will see an increase in phishing attacks in targeted attacks, but we will face the phenomena of forging a CEO and weakening corporate emails. Therefore, it is recommended that the employees of the company be more cautious when it comes to receiving email from their key people.
9. Underground cyber criminals and hackers
FireEye reports in its forecast:
It is expected in 2019 to see low-skilled players achieve better techniques in the field of social engineering, better tools and larger goals.
These evaluations took place after hacking tools became available to the public. These tools were designed either by security experts to test network permeability or by criminal groups.
They are expected to be used in 2018 as well. The other thing is that now fewer criminal operations are made on customizable malware. Even government-affiliated groups have been focusing on hacking tools over the past two years, and in 2019, experts have been hoping to see less-skilled attacks.
10. Web site
In recent years, the authorities have made good progress in dismantling the criminal gangs on the Web site, and it’s unclear whether these groups are involved in drug trafficking, or the sale of weapons, cybercrime and the sale of confidential information, and even the distribution of ransom The software
Since late 2017, most cybercrime operations have been transmitted to encrypted platforms such as Telegram, Jabber / XMPP, and so on, and since the focus of law enforcement agencies on the Web site has increased over this period, it can be predicted that These groups continue to prefer the activity of encrypted messengers to the Web site.
According to companies like NewSky Security, McAfee, RiskIQ and FireEye, in the new year, we will see the development of evasion (ie bypassing information security devices to attack and spread malware). Of course, malware hiding from the antivirus perspective has always been among the goals of the malware writer, but now cybercriminals now seem to be more interested in this technique than ever before.
12. Seamless Information
The wide seam of information is a problem that has always happened and does not seem to change in the new year. It should be noted, however, that data seams are generally due to widespread hacker attacks, but in some cases, server administrators forget to set up a password for their own systems, and it is anticipated that more cases will occur in the new year. To be the case.