The first half of 2018 was hit with some notable security events just days into the new year. And, unfortunately, these vulnerabilities are just getting started and are expected to get stronger and pose an even bigger threat. Here are the top five threats that we’ve seen in the first half of 2018:
1. Meltdown and Spectre
These complex vulnerabilities exploited fundamental issues in speculative execution. Meltdown is specific to Intel CPUs, while Spectre affects systems on any platform. Both are brand-new vulnerabilities and still only have proof-of-concept exploits available, with no known exploits in the wild.
2. Ransomware
While ransomware isn’t exactly a new vulnerability, there are new variants of ransomware popping up every day with different avoidance techniques, such as slower encryption speeds to avoid triggering file access count thresholds, delaying execution and hiding malware within different file types. This type of malware is only going to get more difficult to detect.
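To make the file access count threshold point concrete, here is an added detection sketch (not from the original article) that runs a short-window burst rule and a long-horizon distinct-file rule over the same events. The event format, process names, window sizes and thresholds are all constructed assumptions for illustration.

```python
from collections import defaultdict, deque

def make_events():
    """Constructed sample data: (timestamp_seconds, process, modified_path)."""
    events = []
    # Fast encryptor: 60 files in one minute.
    events += [(t, "fastcrypt", f"/home/u/doc{t}.txt") for t in range(60)]
    # Slow encryptor: one file every 90 s, 80 files over about two hours.
    events += [(1000 + 90 * i, "slowcrypt", f"/home/u/pic{i}.jpg") for i in range(80)]
    # Benign editor: rewrites the same three files every ten minutes.
    events += [(500 + 600 * i, "editor", f"/home/u/notes{i % 3}.md") for i in range(12)]
    return sorted(events)

def burst_detector(events, window=60, threshold=30):
    """Classic rule: more than `threshold` modifications inside `window` seconds."""
    recent = defaultdict(deque)
    flagged = set()
    for ts, proc, _path in events:
        q = recent[proc]
        q.append(ts)
        while q and q[0] <= ts - window:
            q.popleft()  # drop events that fell out of the short window
        if len(q) > threshold:
            flagged.add(proc)
    return flagged

def slow_burn_detector(events, horizon=4 * 3600, distinct_threshold=50):
    """Long-horizon rule: count distinct files a process modified in `horizon` seconds."""
    seen = defaultdict(dict)  # process -> {path: last modification time}
    flagged = set()
    for ts, proc, path in events:
        files = seen[proc]
        files[path] = ts
        for old in [p for p, t in files.items() if t <= ts - horizon]:
            del files[old]  # expire paths not touched within the horizon
        if len(files) > distinct_threshold:
            flagged.add(proc)
    return flagged

if __name__ == "__main__":
    ev = make_events()
    print("burst rule flags:    ", sorted(burst_detector(ev)))
    print("slow-burn rule flags:", sorted(slow_burn_detector(ev)))
```

Counting distinct paths rather than raw write events is what keeps the benign editor, which rewrites the same few files, below the long-horizon threshold.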
3. Cryptojacking
Making a strong appearance over the past six months, cryptojacking isn’t the traditional kind of security threat. Most threats are out to steal data on PCs or convince infected users to send malicious actors money directly. Instead, this falls more into the authorization arena of security by using hosts for unauthorized activities. With the increasingly lucrative (and erratic) nature of cryptocurrency markets, malicious actors are looking for ways to perform the costly computations necessary to ‘mine’ new currency without paying for equipment, space and electricity themselves.
4. VPNFilter
We first saw a version of VPNFilter in 2016, which infected IoT devices to perform some of the largest DDoS attacks on the internet. This year we saw VPNFilter, a botnet that used very similar techniques to infect upwards of half a million home routers and IoT devices, using credentials and old, unpatched exploits. Because hardware and related firmware are increasingly sourced from small pools of companies, with little to no change to the code before release, these kinds of attacks are only expected to increase.
5. Fileless Malware
Over one third of malware comes in a fileless form now. Fileless malware, which can launch without being stored on a disk, is outsmarting defenses and exploiting tools that are already stored on the victim’s machine, becoming smarter and more powerful. We’re seeing that fileless malware poses a major threat for businesses. Because fileless malware lives in data, it’s possible to carry this malware in spreadsheets or Word documents that get emailed back and forth in businesses, allowing it to blow right past any security system.
As a tech expert, it’s crucial to stay on top of these threats, how to prevent them and what’s ahead. And, if you’re interested in learning more about these events and the best way to prevent them, you can sign up for our free webinar on June 27 here.
The threat landscape is about large volumes, and all signs point to that continuing. A little bit of prevention by everyone means a huge amount of protection for everyone else.
Article is written by Dan Hoban, Chief Strategy Officer of Nuspire Networks, a state-of-the-science managed security service provider (MSSP) for some of the largest and most distinctive companies around the world. For more information, visit www.nuspire.com.