Ransomware has grown by 350% according to a report by Dimension Data, and accounts for 7% of all malware. It has been reported that ransomware costs American businesses north of 75 billion dollars a year, with most attacks never publicly disclosed. The biggest increase in ransomware is expected to take the form of Cryptojacking, also known as “Cryptomining malware.” We discussed the problem of Cryptojacking in a recent blog post, in which we described how hackers can hijack computer processing power to mine cryptocurrency. We expect these cyber security threats for 2019 to continue to grow.
Software Subversion Expanding
As Security magazine reports, “While exploitation of software flaws is a longstanding tactic used in cyber-attacks, efforts to actively subvert software development processes are also increasing.” In other words, the software you download may be infected, giving hackers a back channel into an entire network. Malware has even been detected in open source software libraries. Another variant is this: hackers may offer software that is spelled slightly different than a popular application (such as adding an “s” or leaving out a letter), with the only other difference being the inclusion of malware. So be careful what you download, even if it’s from a seemingly trusted source.
One of the top cyber security threats for 2019 is due to the expanding resources available to cybercriminals. Historically, many cybercriminals have worked alone, or in small groups. That’s starting to change. The proliferation of hacker forums and chat groups have launched a robust black market where cybercriminals buy and exchange malware, botnets and other
criminal resources. The availability of these rogue offerings means that even inexperienced, or less able, hackers can launch sophisticated attacks. These “malware-as-a-service” opportunities will only continue to grow, which will result in an increased number of cyberattacks, especially in regard to identity and credit card theft. If you think the threats are numerous now–and they are–an aggressive and nearly overwhelming wave of attacks may be on the horizon.
Synergistic Threats Increasing
GandCrab has been in the news frequently. Discovered in January, GandCrab is a ransomware Trojan horse, encrypting files on a computer and then demanding payment to decrypt them. Just recently, the group behind GandCrab has targeted users visiting adult websites, asking for money to keep silent about their potentially embarrassing visits. This, however, is just a ruse to mask their real intent. When a user clicks on the email link, he or she inadvertently installs the GandCrab ransomware onto his or her computer.
GandCrab has grown to be so large, they are soliciting cybercriminals to partner with them. As McAfee reported, “At the end of September, the GandCrab crew started a ‘crypt competition’ on a popular underground forum to find a new crypter service they could partner with.” This will let the GandCrab organization expand its criminal activities in new, unforeseen, ways.
In 2019, many experts, including Security magazine, predicts attackers will continue to combine tactics to create multi-faced, or synergistic, threats. To combat them, organizations will also need to synergize their defenses.
Social Media Misinformation Mounting
The proliferation of Russian-originated Facebook pages influencing the 2016 U.S. presidential elections has been well documented by news sources across the world. So, it shouldn’t be a surprise that cybercriminals are eyeing social media as offering rich opportunities for criminal enterprise, with posts and pages displaying an impressive degree of professional-looking design for dishonest purposes. Botnet operators can test messaging just like a marketer, including the use of hashtags, to determine the success rates of their misinformation.
Social media platforms are aware of the potential abuse, and are focusing their resources on stopping it, but with so many users, and so much data available on sites, criminals will further focus their resources on these big-scale platforms.
Protect your business from the Cyber Security Threats for 2019
These five cyber security threats for 2019 are just the tip of the iceberg. There are many more threats out there, many of which we may not even be able to imagine yet. The only thing an organization can do is to be prepared with smart, sophisticated technological resources and by adhering to best Internet safety practices. Consider DYOPATH your partner in anti-crime. DYOPATH Security Offerings run the gamut from employee training to insider threat solutions. We’ll help you be prepared for the cyber security threats for 2019 and those still to come.