The 2018 Threat Landscape

Post Published On: May 23, 2018

In the February edition of our Blog, we welcome our newest addition to the Ingram Micro Cyber Security product portfolio, Bitdefender, to share their insights on plausible developments in the 2018 threat landscape. Such advances include large IoT botnets, fileless attacks, GPU-based ransomware and more!

Malware

After years of indiscriminate targeting, malware authors will increasingly focus on enterprises and networks of computers. Lateral movement will become standard in most malware, particularly in ransomware. These features will bundle both wormable exploits (particularly those leaked by intelligence agencies) and credential-harvesting utilities such as Mimikatz.

Malware written in scripting languages will increase dramatically. Attachments bundled with spam messages will likely diversify to include malware written in Perl or Python, along with the already traditional downloaders written in JavaScript.

Fileless Attacks

Fileless attacks and malicious manipulation of Windows configuration management tools such as PowerShell will also play an important role in 2018. As more users embrace Windows 10 as the only Microsoft-based operating system with long-term prospects, hackers will focus on exploiting the Windows Subsystem for Linux to compromise computers.

Ransomware

Ransomware will remain public enemy number one. The threat landscape will remain faithful to the malware that monetizes best: ransomware, banker Trojans and digital currency miners, but these threats will undergo major changes in the way they perform. We expect to see ransomware that leverages GPU power for encryption purposes to move faster and attempt to circumvent antimalware products by using less documented, GPU-specific APIs that are less likely to raise red flags.

Large IoT Botnets

Large IoT botnets will become the new normal in 2018. The source code leaked by the Mirai team is already extensively used as a building block for more sophisticated bots. This code will see new improvements in 2018 to allow lateral movement inside the compromised network for ransomware or spam-sending purposes.

PaaS

Last, but not least, Bitdefender experts also expect major changes in the PaaS (polymorphism as a service) market, a vertical that will consolidate throughout 2018. Cybercriminals already use advanced polymorphic engines running in the cloud to flood the market with unique variants of known malware, and the advantages they offer cybercriminals are extraordinary. Licensing access to these custom engines will likely generate good business for these actors and will put even more strain on security companies all over the world.

Final thoughts…

Even if the security landscape looks grim, there are plenty of things you can do to safeguard your organization. Security solutions with advanced behavioral protection can and will intercept unknown malware so your employees can stay focused on the job. And, while technology can help, most of the increasingly complex attacks leverage the human factor. Companies also need to consider significant investment in training staff, including the higher ranks, on the best security practices for the workplace.

Written by Bogdan Botezatu, Senior Security Analyst, Bitdefender.

For more information regarding Bitdefender please contact the Ingram Micro Account Manager, Karim Hindawi on +971524920088 or Bitdefender Channel Manager, Ahmad Tello on +97144589186.