The cyber security arms race between hackers and security professionals took another turn in 2018 as the escalation of technology between the two sides continues. According to Cisco’s 2018 Annual Cybersecurity Report, hackers layered their attacks with new techniques and innovations that challenged the cybersecurity defenses of organizations across the world.
According to the report, cybercriminals use the following new technologies in their quest to spread their malicious applications and compromise the security of businesses:
1. Encrypted Malware
Encryption is no longer used only for cyber security. It can also protect a malware’s network communication channels, making it difficult for defenders to discover the data it is transmitting. Threat researchers detected that out of 400,000 malware samples they inspected, 70% used some level of encryption.
2. Burst DDoS Attacks
Aside from lengthy DDoS attacks that can take hours to abate, hackers are now employing high-intensity, short-duration (or burst) DDoS attacks that aim to destabilize service availability for weeks on end. These intense, intermittent attacks often target gaming services in a bid to make their games laggy or unreliable.
3. Sandbox Evasion
Proactive techniques such as sandboxing are gaining traction as a way of denying malware a toehold in an organization’s systems. Cyber criminals are aware of this new solution and are developing new techniques, such as exploiting the “document_close” event, to deliver malware. Basically, a sandbox keeps a file open in its container and, when the file is deemed safe, the system delivers it to its intended recipient. When the recipient closes the file, the malware gets deployed.
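A defender can triage for the close-event trick described above by statically checking what a document's macros do at close time, since a sandbox that never closes the file will not see that code run. The following is an added example, not code from the Cisco report or this article; it assumes the event is Office VBA's Document_Close and that the macro source has already been extracted as text. The handler names, the risky-call list and the sample macro are assumptions chosen for illustration.

```python
import re

# Procedures Office runs when a document or workbook is closed.
CLOSE_EVENTS = {"document_close", "autoclose", "workbook_beforeclose"}
# Assumed watch list: calls that start processes, create COM objects or fetch files.
RISKY = re.compile(r"\b(Shell|CreateObject|GetObject|URLDownloadToFile)\b", re.I)
# A Sub declaration line, its body, and the closing "End Sub" line.
SUB = re.compile(
    r"^[ \t]*(?:(?:Private|Public)[ \t]+)?Sub[ \t]+(\w+)[^\n]*\n(.*?)^[ \t]*End[ \t]+Sub",
    re.I | re.S | re.M)

def parse_subs(vba):
    """Map lower-cased Sub name -> body text (Sub procedures only)."""
    return {m.group(1).lower(): m.group(2) for m in SUB.finditer(vba)}

def close_time_findings(vba):
    """Return {close handler: sorted risky calls reachable from it}."""
    subs = parse_subs(vba)
    findings = {}
    for name in subs.keys() & CLOSE_EVENTS:
        seen, stack, hits = set(), [name], set()
        while stack:  # follow calls into other Subs of the same module
            cur = stack.pop()
            if cur in seen:
                continue
            seen.add(cur)
            hits |= {h.lower() for h in RISKY.findall(subs[cur])}
            stack += [w for w in re.findall(r"\w+", subs[cur].lower()) if w in subs]
        if hits:
            findings[name] = sorted(hits)
    return findings

# Constructed sample: the close handler hides its real work in a helper Sub.
SAMPLE = """
Private Sub Document_Open()
    MsgBox "Welcome"
End Sub
Private Sub Document_Close()
    Cleanup
End Sub
Sub Cleanup()
    Set o = CreateObject("Scripting.FileSystemObject")
End Sub
"""

if __name__ == "__main__":
    print(close_time_findings(SAMPLE))
```

Comments are deliberately not stripped, so commented-out calls are over-reported rather than missed; a hit is a reason to detonate the file with a close action or review it by hand, not a verdict.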
4. Cloud Services Abuse
The survey has found that 53 percent of security professionals now use the cloud for better security. This is a good trend to offset the current wave of attacks which cyber criminals launch from the very architectures of cloud services. Basically, a cyber criminal creates an account to gain access to cloud services and abuses it to launch malware.
The current threat landscape has seen a rise in the use of crypto worms, a kind of ransomware which infects a file and then encrypts it. Crypto worms have been around since 2016 but the newer strains can self-propagate across systems. According to Cisco, its threat researchers rank the threat of data-erasing crypto worms as high because they have the capacity to wipe out the entire Internet.
These trends are indeed worrying in terms of cybersecurity. However, let’s not discount the improvements AI, machine learning, and automation have brought to the fight against cybercrime. If the bad guys have new gadgets, the good guys have them too.