PandaLabs technical director Luis Corrons has urged the cyber security community to ‘forget about malware’. In the opening remarks to PandaLabs Annual Report, Corrons claims that forfeiting the fight against malware is the first step towards securing data.
He says: “Ultimately the secret is ‘forgetting about’ malware. If we focus on fighting malware, the battle is lost before it has begun. Using Machine Learning technology to protect our customers means that PandaLabs technicians are more comfortable when it comes time to investigate attacks. That is very bad news for the attackers. Our Threat Hunting team analyzes and hunts down anomalous behavior patterns, no matter how innocent they may seem at first glance. And they have discovered numerous new attacks, some of which we describe in this report. The combination of advanced technologies and managed services allows us to classify 100 per cent of active processes and know what is happening while it is happening. Unlimited visibility and absolute control reduces the impact of any threat to zero.”
In terms of the motivation behind attacks in 2017, the report identifies that ‘more than half of attacks are motivated by financial targets, while espionage is the second greatest motivating factor’. Stealth attacks with adaptive lateral movements were also identified as becoming all too common, with malware attacked increasingly favoured. executed.
An increase of ex-employees attempting to extort their previous companies by initiating attacks from within the company, was identified as a major cause of attacks in 2017. Likewise, there was a larger presence of organized cybercriminal groups, such as the Lazarus Group, attacking the media, the aerospace and financial sectors, as well as critical infrastructures in the US and elsewhere.
In terms of 2018, the report predicted more attacks to IoT and mobile devices. The report said: ‘Malware for mobile devices and the Internet of Things will continue to rise. In general, IoT devices are not targeted by cybercriminals as the ultimate goal. But when compromised, these devices increase the attack surface and are used as a gateway to the company’s network.’
More advanced attacks and more ransomware attacks can also be expected in the coming year. These attacks promise a high return on their investment at a low level of risk. And with GDPR coming into effect in May, companies are expected to drive awareness-building campaigns to prevent attacks.