IT threats: 7 trends for 2018

Of the 2018 IT security trends, the education and healthcare sectors would be particularly popular targets, according to Malwarebytes. The list of seven threats that businesses and individuals face is as follows:

1. cryptojacking "gold rush" becomes the biggest gold mine

Towards the end of 2017, cryptojacking activities exploded. These will continue to have a significant impact in 2018, especially as the value of cryptocurrencies continues to rise sharply. This year, Malwarebytes blocked 11 million connections to coin mining sites in just one day. What makes this scam so multi-faceted is that it blurs the line between everyday internet users and cybercriminals. A single mining cryptocurrency can be good for monetizing one's website in terms of increasing user numbers. But under these circumstances, cryptojacking activities are also likely to replace advertising on websites to become an entirely new source of revenue. Most of the cryptojacking originates from legitimate websites. However, criminals could use the websites and thus the currency for themselves.

2. increase in PowerShell-based attacks

In early 2017, various IT departments of the Saudi government were compromised with macros in Word documents and infected with Tojans. The malicious script attack aimed to consistently communicate from various devices, with compromised websites that acted as proxies for the command-and-control server. These malicious script-based attacks, especially the PowerShell-based attacks, are difficult to identify. They can easily bypass antivirus programs, making them very attractive to cybercriminals. Malwarebytes predicts many more PowerShell attacks next year.

3. educational institutions develop into a main target

Despite increasing complexity, cybercriminals will continue to target the simplest endpoints. Educational institutions often have an IT infrastructure that is not adequately protected and patched. This is because these institutions lack the resources to protect themselves professionally. In addition, this sector has an unmanageable number of endpoints that contain a large amount of data about students, faculty or parents. Data thefts often target these sensitive data sets. Educational institutions appear to be one of the most common targets for cyberattacks next year.

4. cybercriminals are increasingly professionalizing and organizing themselves

The number of tools that cybercriminals can use is growing all the time. And criminals need less and less prior knowledge and technical know-how to launch cyberattacks. As a result, attacks are becoming easier and therefore more frequent. This growth is also a response to the media and pop culture that have publicized the profitability and success of cybercrime. Ransomware alone brought in $1 billion this year. Entering the world of cybercrime is no longer taboo, as in some parts of the world these activities are more often not persistently prosecuted legally or by the police. At the same time, those who have already established themselves as "top players" in cybercrime will defend their revenue streams and areas of operation even more aggressively than before. Malwarebytes has already found that international cybercrime companies are even using mergers and acquisition strategies, as well as physical force, to secure and expand their revenue streams.

 5. IT security software will also be a target of attack

In 2018, cybercriminals will increasingly target IT security software solutions or even use them for their own purposes. By targeting trusted programs and solutions, criminals can control devices and manipulate users. Hackers will leverage IT security solutions by subverting the program directly on the endpoint or intercepting and redirecting cloud traffic. As these activities become more publicized, the public perception of IT security software, especially antivirus (AV) solutions, will continue to deteriorate.

6. more computer worms in use

In 2017, Malwarebytes found that the Wannacry and Trickbot malware used worm functions to spread malware. More malware families will use this technique in 2018 because compromising networks with worms is more successful than any other method - simply because it spreads the fastest. If hackers figure out how to use worms without attracting much attention (which has traditionally been the point of this malware), this tactic can become very successful.

7. IoT becomes 2018

For healthcare institutions, IoT models offer many advantages when medical devices can be connected directly to the Internet. Greater connectivity means better data analysis and therefore better patient care. But this approach increases the risk of data loss of patient information or unauthorized access to the devices. The healthcare industry will need to closely analyze the new era of networking and IT security. Similar to the digitization of patient records, security protocols must evolve to address the growing threat. Devices should have strong authentication, restricted access and verification of device-to-device communications. Encryption can be a critical factor in securing these devices. If device manufacturers do not adopt this technology themselves, they will need to offer third-party solutions such as IT security solutions.

Conclusion 

 "Our analysis shows that 2018 is not getting any better," said Marcin Kleczynski, CEO at Malwarebytes. "Hackers have increasingly sophisticated tools and technologies at their disposal. We see an army of cyber criminals forming, lured by cheap tools and the promise of quick cash. In addition, media outlets report on successful attacks and often glorify the hackers as well. To prepare for the coming attacks, more cybersecurity training, better education and proper awareness, and a layered approach are needed in businesses, as well as in private protection."