AI Could Increase The Major Cyber Threats In 2019
Computer security software giant McAfee has released a report warning that companies face being ‘under siege’ from malware, ransomware and other cyber threats next year.
They predict that underground organisations will collaborate to form bigger, more powerful groups, offering off-the-shelf packages to criminals. Cyber threats will no longer consist of one attack, but are likely to combine as many as five different techniques, for example phishing, ransomware and cryptojacking.
So-called malware-as-a-service will be increasingly available, allowing criminals to purchase the building blocks to tailor an attack. The biggest underground firms are becoming stronger, as they use methods such as affiliate marketing to increase their reach.
Partnership with other criminal enterprises is also expected, such as money laundering, identification of vulnerabilities and evasion techniques.
Cloud storage of corporate data will be a major target for hackers, with attempts to access the large amounts of sensitive information stored there.
Smartphones, tablets and routers will be at increasing risk from malware, while social media platforms and the Internet of Things offer weak entry points, as does the habit of choosing weak passwords. Voice controlled digital assistants are also set to be a new way to access poorly guarded systems.
With an increase in mobile malware, banking fraud will increase and more attempts to bypass two-factor authentication are expected.
AI use will help underground organisations find vulnerabilities in systems and identify likely targets, plus it will automatically check whether infections have been successful to allow the next phase of attack to be implemented.
It is predicted that the use of forums and AI will mean that software flaws will be exposed within hours of release of new packages and AI will also be used to help bad actors avoid detection.
The spread of misinformation via bots will mean that companies can be threatened with damage to their brand and extorted.
McAfee stress that firms under attack must question whether any incursion is part of something bigger. The difficulty for security experts will be in defining the criminals’ end goal accurately. The more threats that are included, the harder it is to clearly see the target. Ransomware will increasingly be used as a smokescreen, and firms cannot assume that they know the end goal of any attack.
Raj Samani, chief scientist at McAfee, writes: “In 2018, we witnessed even greater collaboration among cyber criminals through underground alliances. This collaborative mentality has allowed for efficiencies in underground technologies and tactics, and the evolution of bad actors into some of the most organised and agile adversaries in the world. However, while we expect the underground market collaboration to continue, the year 2019 will also see cyber security alliances of defenders continuing to mature and further fortify defences.”