The cybercriminals will continue using intelligent ‘malware’ capabilities lateral movement predicts Check Point ahead to 2019, a scenario that follows 2018 in which companies have had to face an increase in the volume of assaults against their “endpoints” and their networks.
“The evolution of cyber attacks and cybersecurity in the last 25 years has been rapid and continues to accelerate,” said the general director for Spain and Portugal, Mario García. Developing ways to protect against threats has been “a constant challenge,” though he has warned that ” the next generation of attacks will be even smarter .”
The cybercrime industry is estimated at 1.5 trillion dollars. And it grows every year, as indicated by Check Point. It is about trying that things do not happen. Not only must we detect the attacks, but also prevent them, something important if we take into account, as García pointed out, that nowadays “everything has become digital”.
From Check Point, which turns 25 years, they assure us that we can protect ourselves, while the technologies exist for it, but they warn that they must be applied correctly. That is, make use of technologies that adjust to the current threat.
Malware intelligence in 2019
” Ransomware ” has been an easy money source for criminals in 2018, as well as a camouflage to hide more destructive purposes, as explained by Check Point. Users of all types, from individuals to large companies, have been victims of a cyber attack. And in this regard, the company warns that you can expect to see large orchestrated attacks around the world similar to WannaCry.
As operating systems strengthen their security, there will be a decrease in the use of “exploits” to target vulnerabilities, in favor of an increase in the use of basic “hacking” techniques caused by human error. However, and as they point out from the company, highly advanced and country-sponsored targeted attacks are emerging, and it is likely that by 2019 they will continue to increase.
Some reports encrypt the business of cybercrime (with conservative estimates) in more than 1.5 trillion dollars which would make this activity, if considered as a country, the thirteenth world economy, at the level of, for example, Russia.
“If we observe the level of industrialization and benefits that the cybercrime industry moves, we can expect that the progression will continue to increase in terms of complexity and number of attacks,” comments the technical director of Check Point for Spain and Portugal, Eusebio Nieva.
In this sense, targeted phishing attacks will become more frequent and a more popular attack strategy. In addition, IoT attacks will increase, not only as direct targets but also as the main point of entry because these devices are often less secure than networks, endpoints or local data centers.
Another point of interest for cybercriminals are cloud environments. Computerization without servers and the storage of data in the cloud has become widespread in all sectors, to the point that, as pointed out by Check Point, 70 percent of European companies already have hybrid clouds.
However, from the company remember that cloud technology and the infrastructure that supports it is relatively new, and there are still vulnerabilities that provide backdoors that allow cybercriminals to access corporate files and distribute “malware”.
During 2018, more than 50 percent of the incidents managed by the Check Point response team were related to the cloud, and more than half of them were related to the acquisition of SaaS applications or hosted servers.
With the increasing use of file-sharing services in the cloud, data leaks will continue to be a major concern for organizations that move in this environment during the next year. However, the company expects cybercriminals to target specific departments and employees of the company, also known as spear phishing, in order to obtain more lucrative rewards, such as the financial department.
The emergence of new technologies and their use implies new hazards almost immediately. It has been seen with cloud technologies, the appearance of cryptocurrencies and their popularization, which has led to the emergence of new types of “malware”. In the same way, the rise of personal devices and IoT can be exploited for different criminal purposes, which will give rise to a new generation of attacks characterized mainly by their volume and scope.