2017 was the year when the word ransomware stopped being a term exclusive to cybersecurity experts and IT departments. The enormous media attention that attacks such as WannaCry and Petya/GoldenEye received turned this type of threat into one of the key trends for businesses last year. However, highly publicized events must never serve as a risk indicator, nor influence on any security related decision.
This year, the constant evolution of cybercriminality hasn’t taken a break. Cybercriminals have already begun to change their tactics: instead of attention-grabbing, showy attacks like those we saw last year, they are opting for sneakier tactics such as cryptojacking.
Cryptojacking, one of 2018’s booming trends, is the unauthorized use of a user’s devices to mine cryptocurrencies, and can get in via phishing emails, malicious URLs, or through vulnerabilities. Its aim is to go unnoticed for as long as possible, and thus fully exploit its victim’s processing power.
The year of personal data
One new story that has affected many cybersecurity professionals is the definitive implementation of the GDPR in May this year, something that had repercussions in nearly the whole world.
And the fact is that this new regulation has coincided with some of the most massive data breaches in history: Marriott International, Exactis, or the notorious Facebook and Cambridge Analytica case.
What can we expect to see next year?
One of the leading trends in cybercriminality in 2019 will be live hacking. Although “traditional” types of malware, such as Trojans or worms, are still being used frequently by attackers, new malwareless attack techniques will grow at a faster rate. This can be put down to an increased difficulty in detecting them on the one hand, and on the other hand, to the increased cyberoffensive capacity in the world, both of states, and of criminal gangs, both state sponsored and unaffiliated.
In 2018, nation states have played a more significant role in the digital realm, as a consequence of the more protectionist positions in the western world (the United States and the United Kingdom), the reactions of other powers (mainly Russia and China), and the increasing climate of mutual distrust among them. One compelling prediction suggests that the concept of digital sovereignty will also spread to security in 2019, especially in Europe, moving towards a European digital sovereignty.
Find out all the main threat data from this year, together with the most important news, and all our predictions for 2019 in our PandaLabs Annual Report.
1 comment
Bunos dias:
Quiero que quede bien claro que no busco trabajo. Recientemente se ha incorporado a su empresa un directivo que estuvo trabajando conmigo, al que tengo en estima y del que me dolió mucho su marcha. Es por ello que les voy a hacer un regalo en forma de idea.
Imagino que en el servicio de End-user se estará haciendo uso de un puerto determinado.
En las organizaciones grandes es muy facil y debido a la comparticion de licencias, (Al no poder estar todos los equipos protegidos por causa de los costes) seria facil averiguar si esta o no activa la protección End-user simplemente intentando crear un sockect a dicho puerto.
Ell hecho de conocer si lo está o no, deja a un hacker interno poder entrar “hasta la cocina” en cualquier ordenador de la organización.
Una parte de esta idea, sería supervisar dicho puerto para averiguar quien está intentando averiguar el estado del servicio.
La otra sería una asignacion dinámica de puertos a dicho servicio, con el fin del que el hacker esté intentando averiguar el estado del servicio quede visible en el escaneo de puertos. Eso es todo. Si no lo esta, que ustedes lo implementen bien.
El fin de esto es “que las ratas se queden en su madriguera”
Saludos