PandaLabs issues Annual Report and outlines cyber predictions for 2019

2017 was the year when the word ransomware stopped being a term exclusive to cyber security experts and IT departments. The enormous media attention that attacks such as WannaCry and Petya/GoldenEye received turned this type of threat into one of the key trends for businesses last year. However, PandaLabs warns that highly-publicised events must never serve as a risk indicator, nor influence any security-related decision.

This year, the constant evolution of cyber threats hasn’t shown any sign of slowing down. Cyber criminals continue to change their tactics. Instead of attention-grabbing and ‘showy’ attacks like those we saw last year, they’re now opting for sneakier tactics such as cryptojacking. 

One of 2018’s booming trends, cryptojacking is the unauthorised use of a user’s devices to mine cryptocurrencies. It can be realised via phishing e-mails, malicious URLs or through vulnerabilities. Its aim is to go unnoticed for as long as possible, and thus fully exploit its victims’ processing powers.

PandaLabs has compiled malware and threat data from throughout 2018. Traditional file-based malware continues to grow with a 60% rise throughout the year and up to 9 million malicious URLs and 2.4 million attacks blocked per million endpoints per month. Indeed, 20.7% of those machines studied experienced at least one malware attack during the period under analysis.

Malware-less attacks targeting the endpoint such as business e-mail compromise and using Remote Desktop Protocol (RDP) to infiltrate the network are becoming more prevalent, with RDP attacks taking place on 70% of medium-to-large scale PandaLab clients every month.

PandaLabs has identified and investigated 90 new valid incident types resulting from interrogating the forensic data to validate their hypotheses. This allows the Threat Hunting Team to protect against attacks that traditional security solutions are not able to detect such as in-memory execution and ‘live off the land’ activities using legitimate tools and techniques for malicious purposes. 

The year of personal data

One occurrence that has affected many cyber security professionals is the definitive implementation of the General Data Protection Regulation (GDPR) back in May. This had repercussions pretty much worldwide. The fact is that the GDPR has coincided with some of the most massive data breaches in history involving Marriott International, Exactis and the notorious Facebook/Cambridge Analytica case.

While 2018 has been an interesting year for cyber security, PandaLabs’ predictions for 2019 suggest it will be anything other than a ‘tock’ year. Geopolitical digital sovereignty, supply chain attacks, hackers harnessing Artificial Intelligence and the misuse of data are all causes for concern.

One of the leading trends in cyber security in 2019 will be live hacking. Although ‘traditional’ types of malware, such as Trojans or worms, are still being used frequently by attackers, new malwareless attack techniques will grow at a faster rate. This can be put down to an increased difficulty in detecting them on the one hand, and on the other to the increased cyber-offensive capacity in the world exhibited by Nation States and criminal gangs. The latter, of course, may be State-sponsored or unaffiliated.

In 2018, Nation States have played a more significant role in the digital realm as a consequence of the more protectionist positions in the Western World (ie the US and the UK), the reactions of other powers (mainly Russia and China) and the increasing climate of mutual distrust among them. One compelling prediction suggests that the concept of digital sovereignty will also spread to security in 2019, and especially in Europe, moving towards a European digital sovereignty.

*The full PandaLabs report is available to view at the following URL: http://partnernews.pandasecurity.com/uk/src/uploads/2018/12/PandaLabs-2018_Annual_Report-uk.pdf

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts