Looking back at 2018, the fight against malware showed glimmers of promise, as new technologies like artificial intelligence (AI) and machine learning (ML) were successfully deployed in some quarters to fight high-priority threats like ransomware.
The outlook for 2019 is less rosy, though, as malicious state actors and cybercriminals prepare for battle with a new array of tools and techniques designed to create mayhem and reap profits at the expense of everyone else.
Buckle up, IT security pros: the following trends indicate the anti-malware ride in 2019 is going to be a bumpy one.
State Actors Get More Involved with Cybercrime
Nation-states increasingly view cyberwarfare as a cost-effective component of geopolitical and economic competition. In the coming months, the well-funded engineering arms of various national intelligence agencies will develop new malware weapons to attack not only rival governments and their critical infrastructure (like power, water, and telecommunications), but also the businesses and citizens of those rival nations.
Many will enlist and fund the efforts of cybercriminal gangs to create chaos, steal intellectual property, and profit from fraud and extortion by breaching personal data. Efforts will continue to hide malware in the technology supply chain – embedding hidden eavesdropping and attack mechanisms in chipsets, firmware, applications and community software development hubs.
Cybercriminals to Wield New and Familiar Malware Weapons
Aided by the increasing industrialization of malware production (best exemplified by ransomware-as-a-service), criminal cyber gangs will prosecute attacks on sensitive data with an arsenal of proven and emerging malware weapons.
Some will be designed to steal sensitive personal data or valuable corporate intellectual property. Others will try to hold personal data or critical IT infrastructure availability hostage, only releasing it once a ransom is paid. You can anticipate:
- New variants of ransomware (including doxware, which threatens to publish sensitive data like browsing histories unless a ransom is paid)
- Much more widespread use of cryptojacking (stealing computing resources to mine cryptocurrency without sharing the profits)
- More distributed denial-of-service (DDoS) attacks on critical servers and networks, abetted by the conscription of armies of Internet-of-Things (IoT) devices
- Increasing use of fileless malware (which never becomes disk-resident, only loads directly into memory, and thus evades many signature-based endpoint anti-malware measures)
- More synergistic attacks (in which multiple pieces of malware are injected onto a system and the one the system is most poorly defended against is activated)
- Continued reliance on phishing as the most effective attack vector for malware, with more sophisticated attacks targeted at higher-value individuals.
New Technologies are Revealed as Dual-Use (Good and Evil)
The increasing reliance on cloud services, the advent of edge computing, the broader application of AI and ML, the proliferation of IoT devices, and the advent of 5G broadband wireless all promise to generate huge value to businesses, consumers and public institutions.
The other side of the coin, of course, is that those same technologies will certainly be used by malicious actors. Expect the bad guys to:
- Increasingly target cloud services and edge computing environments with malware attacks
- Use AI and ML to improve attack techniques (e.g., by bringing targeting sophistication and scale to the production of phishing emails)
- Enslave legions of IoT devices for use in DDoS and cryptojacking attacks
- Exploit the new attack surfaces and rich data targets presented by 5G networks and applications.
How to Fight Malware’s Army of Darkness in 2019
Based on this preview, you may surmise that life in the cyber protection trenches in 2019 will never be dull. You may also take heart in knowing that some very familiar best practices will still stand you in good stead, as 80 percent of the threats to your business and personal data will be attacks you have seen before and know how to combat:
- Practice good IT security hygiene: patch your operating systems, applications, and network devices quickly and diligently, and keep your anti-virus signature files up to date. Educate your users on good authentication practices and security awareness, especially regarding phishing. Get a plan in place to migrate away from Windows 7 if you’re still on it: it is still surprisingly widespread, its market presence having only been eclipsed by Windows 10 very recently. Windows 7’s many vulnerabilities, notably to the EternalBlue exploit, have earned ransomware gangsters billions of dollars in the past year.
- Renew your internal efforts to fight phishing: it’s still the number one attack vector for malware. Criminals know it’s easier to convince an unwitting employee to unlock a door for them (by opening a malicious email link or attachment) than to punch through a network firewall. Keep educating your colleagues, especially your executive and management corps, to have their antennae up for social-engineering ruses in email.
Start arming yourself against the emerging new threats and vulnerabilities you have gotten a glimpse of here. Consider upgrading your cyber protection regimen in two critical areas:
- Complement your existing server and endpoint defenses with AI-enabled malware behavioral detection and response. It’s the only way to keep up with the ever-mutating array of industrially-produced malware strains like ransomware and cryptojacking that are the leading contenders to top 2019’s list of most pervasive and successful attacks. Acronis Active Protection is one proven example of this technology.
- Shore up the defenses of critical cloud applications that are a newly inviting target for cyber crooks, including Microsoft Office 365, OneDrive for Business, and SharePoint Online. You will likely discover gaps in that protection compared to your defenses of on-premises applications. Acronis Backup with Active Protection provides exactly this kind of business-class cyber protection for cloud apps like Office 365.
For more information on improving data protection for cloud services like Office 365, or to experience the most secure business backup for yourself, consider a free 30-day trial of Acronis Backup, which includes our integrated, AI-based anti-ransomware defense, Acronis Active Protection.
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. The Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 18,000 service providers to protect over 750,000 businesses.