As we look back on the security events and trends that shaped 2017, let’s also consider what’s expected for the security industry in 2018.
A Look Back at 2017
In 2017 we saw both the deployment of defensive measures that had been generally unavailable to the IT community until now and an increase in hackers’ ability to breach our defenses even with these measures in place.
Exploit kits continued to be an effective attack vector in 2017. Researchers at Minerva found that exploit kits were the most common way to spread ransomware in 2017, with over 60% of them applying evasive techniques.
One of the most notable security happenings of 2017 took place in June when The Shadow Brokers leaked a repository of extremely disastrous exploits. Since the leak, there’s been a huge spike in malware abusing ETERNALBLUE/DOUBLEPULSAR and ETERNALROMANCE. High-profile attacks like the recent WannaCry and NotPetya attacks are just a few of the campaigns that spread using the exploits published by The Shadow Brokers.
Increased interest in vaccination was also seen in 2017. While the concept of vaccination is not new, organizations started paying more attention to it due to the broader availability of the tools that make it feasible to deploy vaccines in the enterprise. Another reason for the increased interest could be the increasing difficulty of detecting evasive malware.
2017 saw the rise of cryptocurrencies such as Bitcoin, Ethereum, and ZCash. But as this trend rises, so does the use of cryptomining malware by hackers. This trend is due to multiple factors: cryptomining is less likely to attract the attention of law enforcement, virtual coins offer high levels of anonymity, and it’s easier to cash out illicit gains. Attackers are now looking for new revenue sources outside of ransomware, and are increasingly attracted by crypto malware.
Into the Future: Predictions for 2018
The findings from Minerva conclude with expectations and predictions for 2018. Their predictions for the New Year include the continued commoditization of attack tactics that were at some point considered advanced and the increased popularity of sophisticated exploits and anti-malware evasion. In addition, as hackers look for new revenue streams, it’s predicted many will turn to malicious cryptominers in 2018. Fortunately, enterprise defenders will continue to invest in additional protective measures for safeguarding critical IT assets and combating malware in the enterprise.