No one can see into the future, but predictions can be made. Whether these predictions come true we will know at the end of this year, but, for now, it is important to assess the threats that were active in the last 12 months, as well as to analyze the trends in the malware world to see what threats could be faced in the future. Undoubtedly, prevention is the best weapon when it comes to fighting malware, and while many employ basic security measures, sometimes that is not enough. The world of malicious infections is ever changing and evolving, and cyber criminals and schemers are working tirelessly to find new ways to infect vulnerable systems and exploit the gained privileges in various malicious ways. Some infections are created for the sole purpose of creating backdoors that other infections could use. Then there are malicious threats that are created to attack the targeted user directly. All in all, while it might be hard to know exactly what kinds of dangers will create chaos in 2018, malware is dangerous in whatever shape or form it comes. The good news is that there is always something to be done about it.
Enemy Number 1: Ransomware
Ransomware swept in back in 2016, but in 2017 malware researchers observed that more and more cyber criminals were moving towards using ransom-demanding infections. That was made possible by open-source code and malware kits that became available to everyone and anyone. One no longer has to have a great deal of experience or skill to build file-encrypting ransomware and carry out a malicious attack. This is the main force that has led to the rise of ransomware from the Hidden Tear family. Hundreds of infections – including Crypt0 HT Ransomware, Cryp70n1c Ransomware, and French Ransomware – were built using the same code, and that has allowed cyber criminals to terrorize thousands of Windows users worldwide. That being said, these infections are not the biggest ones. The malware trends report prepared by Sophos, Ltd. found that WannaCry, Cerber, Locky, Globeimposter, Petya, and Jaff Ransomware infections were the biggest last year, with WannaCry Ransomware being responsible for 45.3% of all attacks accounted for. When it comes to numbers, it was reported that the monstrous WannaCry infected over 300,000 computers worldwide.
While many ransomware threats are targeted at regular Windows, Linux, and Mac users, the ones we hear about the most are the ones that infect systems that belong to governments, national health institutions, banks, international companies, etc. Just recently, a variant of the LockCrypt Ransomware was found to have affected 48 servers of Mecklenburg County in North Carolina. The cyber criminals behind the attack were demanding a ransom of $23,000. Since cyber criminals could not expect regular users to pay ransoms this big, it is no wonder they have moved on to bigger fish. It is predicted that this will continue to be the major focus for ransomware operators in 2018 as well. Malware researchers are also predicting that we will see more file-less ransomware next year. SOREBRECT Ransomware is an example of that. Our research team has prepared a guide that offers 8 tips to protect your company against ransomware. When it comes to protecting home systems, it is crucial to back up files, install up-to-date security software, and stay away from spam emails and corrupted installers.
Android Users Might Become Prime Targets for Malware Creators in 2018
We no longer live in times when encountering malware on our Android devices was news. There is a new story regarding Android malware probably every day, and, unfortunately, in 2017, malware experts noticed that major threats were spreading from the trusted Google Play Store. In April, we saw 2 million Android users being affected by malware that posed as popular mobile games. In September, malware named “ExpensiveWall” was spreading via at least 50 different apps on Google Play, and it was reported by Check Point that the malware could have been downloaded by 21 million victims worldwide. With over 2 billion active users every month, Android is by far the biggest mobile operating system worldwide. Just like with PC-based malware, prevention is key, and if Android users take measures to protect their smartphones, security-related issues can be avoided. The trickiest part, of course, is knowing which apps are trustworthy and which ones are not. While Google Play has gained something of a bad reputation due to the malware that managed to slip through unnoticed, it is still the most reliable source for apps. Of course, users need to be careful about what they install at all times, regardless of the source.
Windows and Mac Malware on the Rise
In 2017, the most exploited vulnerability, CVE-2012-0158, was surpassed by CVE-2017-0199. Both permit remote attackers to execute malicious code to open security backdoors. These vulnerabilities, however, have patches, and it is up to users to apply them in time, before cyber criminals find ways to exploit them. Without a doubt, installing security updates is one of the most important things every owner of any kind of computing device must take care of. If security updates are ignored, malware creators and distributors thrive. Right now, it is difficult to predict how many new vulnerabilities will be found in 2018 or what kind of malware will exploit them. Vulnerabilities could be exploited by PUPs/PUAs (potentially unwanted programs and applications) too. These can be dangerous to all, but Mac users need to be particularly careful about them. Such PUAs as MacKeeper, Genieo, SpiGot, InstallCore, and Conduit Search Protect were spreading in 2017, and they are unlikely to cease in 2018. On the contrary, they could be joined by other PUAs. Another danger that is worth mentioning, and that both Windows and Mac users are likely to face in 2018, is the so-called “tech-support” scam, which is set up by schemers who pose as security experts.
We are unlikely to see malware decrease in numbers or power in 2018. File-encrypting and ransom-demanding ransomware is likely to prevail as the most common threat users will be facing worldwide. Cyber criminals are likely to continue exploiting known vulnerabilities and users’ carelessness to invade systems. It is also likely that malware attackers will turn more towards attacking big companies and organizations. We could be seeing new kinds of malware popping up as well, but this is something only time will tell. In the meantime, users all over the world need to make sure they are doing everything to keep their personal data and privacy protected and their operating systems malware-free.
Graham, C. May 20, 2017. NHS cyber attack: Everything you need to know about 'biggest ransomware' offensive in history. The Telegraph.
Hackett, R. September 14, 2017. Massive Android Malware Outbreak Invades Google Play Store. Fortune.
Melnykov, B., Root, E., and Polkovnichenko, A. September 9, 2017. ExpensiveWall: A Dangerous ‘Packed’ Malware On Google Play That Will Hit Your Wallet. Check Point.
Popper, B. May 17, 2017. Google announces over 2 billion monthly active devices on Android. The Verge.
Sophos. 2018 Malware Forecast. Sophos Ltd.