2018 started off with the announcements of key Operating System vulnerabilities Meltdown and Spectre, and the year has only quickened the rapid pace of evolution in cybersecurity. But there are three emerging trends that you need to be aware of.
1. Emerging Threat: Fileless attack vectors
Until recently, almost all hacking attempts have come down to executable files (.exe). Either through phishing email, or a compromised website, the primary delivery vehicle has been the same: an executable file would be run on the victim’s computer to initiate the infection code.
No longer. “Fileless attacks” are a bit of a misnomer because most of these new attack vectors still use files; they just use different file types.
And yet the core of antivirus software has been the predictability of the executable file. Antivirus sweeps focus on .exe files, which is what makes fileless attacks such a challenge. According to Ponemon Institute, in 2017, fileless attack vectors accounted for over three-fourths of successful attacks while constituting only one-third of total attacks. Fileless attacks are clearly making it past defenses more frequently than traditional attacks.
And to make matters worse, fileless attacks are becoming increasingly common. In 2016, only one out of every five attacks was fileless, but in 2017, the occurrence rose to almost one out of every three. That figure continues to rise in 2018 as new attack tools are distributed amongst the hacker community, making it easy to create fileless malware.
2. Cryptomining Malware
“Malware distribution will rise and fall in conjunction with Bitcoin value.”
– Christopher Cain, associate malware removal engineer
The cryptomining malware craze began in 2017 when the price of bitcoin skyrocketed. The price, which rose to $20,000 per coin in December, gave added incentive to bitcoin mining activities. The biggest problem with cryptocurrency mining is the substantial processing power, and therefore electricity, required to mint new coins. In many parts of the world, the cost is not made up by the price of the coin.
Cryptomining malware solves this problem by leeching a victim’s computing resources behind the scenes, where the malware will sit and process, undetected, for as long as the victim remains unaware of its presence. During this time, the computer will perform calculations to mint bitcoin, costing the victim processing power and electricity while sending the rewards to the hacker.
But while Christopher Cain was right to highlight malware distribution, reality has told a very different story. Malware distribution continues to rise despite an over 50% drop in the price of bitcoin. Almost every day, new permutations of this slow killer show up in the news. One of the most recent forms infects the computer and, when it is discovered and removal is attempted, crashes the computer. This particular form mines Monero coin, a different type of cryptocurrency altogether.
Within the first 50 days of 2018, there were 13 reported attacks, and this number continues to rise.
3. Antivirus Is Not Enough for Cyberdefenders
There are two factors at play in the current cybersecurity environment:
- Increasing value of digital goods
- Increasing sophistication of technology
Both of these factors are driving rapid evolution of hacker organizations. Teams are organized much like normal workplaces: there are product managers, and labor is divided to drive development of new ways to infect computers and extract maximum financial value. Pressure on defenders and on businesses is rising. In response to these threats, 4 out of 5 organizations replaced or augmented their existing antivirus solution in 2017 (Ponemon Institute).
At Platte River Networks, we provide our clients with Intuition Security+, a home-cooked combination of best-of-breed security products and services. These cover way more than antivirus, delivering a holistic defense system that protects against emerging threats effectively.
- Single Sign-on & Multi-factor Authentication
- Internet Monitoring, Filtering & Protection
- Security Awareness End-User Training
- Enhanced Network Monitoring & Management
- Corporate & User Policy Provisioning
We have seen this coming for some time, and multifaceted protection remains the best way to defend against threats. When you implement multiple walls of different types, systems, and rules, it does not matter if the attacker figures out how to slip past one; there are still five more, waiting.
If you are not a client of ours, we recommend taking your cyberdefense capabilities beyond antivirus. Holistic cybersecurity solutions are the best defense against a volatile, adaptive enemy.