Threat actors to keep a low profile on their cyber attacks in 2019

Cyber security provider Kaspersky recently warned that hackers will try to conduct their hacking activities in 2019 in a low key manner toward a higher success ratio.

“In 2018, threat actors have led to new paradigms. Public awareness has grown and expert investigations have highlighted big cyber operations, making the topic front page news across the world. This will lead to a change in the cyber landscape, as sophisticated threat actors seek silence and obscurity for their attacks in order to increase the likelihood of success. This shift makes the finding of new, large-scale, sophisticated operations very unlikely, and will definitely take the art of detection and attribution to the next level,” said Vicente Diaz, security researcher at Kaspersky Lab in a press statement.

Although the cyber security industry has consistently developed state-of-the-art, government-sponsored operations, Kaspersky said threat actors have the capability to go underground and below the radar to avoid publicity and the likelihood of being “found out.” With enough resources, they will be able to diversify tool kits and practices, making detection and attribution extremely difficult.

With the ability of threat actors to perform covert operations in a more sophisticated manner, Kaspersky said this will lead to the deployment of tools specialized for targeting victims at their very core, compromising networking hardware. “The new strategy will allow threat actors to focus their activities on discreet botnet-style compromise or to perform more sneaky attacks on the selected targets,” the company said.

Other targeted threat predictions for 2019 include supply-chain attacks, mobile malware, rapid growth of Internet of Things (IoT) botnets, spear-phising, arrival of advanced persistent actors and public retaliation,

Kaspersky said attacks on the supply chain are among the biggest problems despite the introduction of cutting-edge tools to fight it.

Meanwhile, Kaspersky said the industry has not developed major inroads in mobile, stressing that a lot of threat actors have a mobile component to their campaigns to help broaden the list of potential victims. “While there won’t be any big outbreak in mobile-targeted malware, we will see continuous activity and new ways for advanced attackers to get access to victims’ devices,” Kaspersky said.

“It warned that it should not belittle the the rapid growth of IoT botnets because these could be quite dangerous once it falls into nefarious hands.

Kaspersky warned that spear-phishing should be a given a closer watch because of the huge implications of a data breach. Data obtained from different attacks on social-media giants, such as Facebook, Instagram, LinkedIn and Twitter, are now available in the market for anyone to acquire. Recent large-scale data leaks from different social-media platforms might help attackers to improve the success of this infection vector,” the company said.


Rizal Raoul Reyes

Rizal Raoul S. Reyes has covered technology, science, business, property and special reports. He had working stints with the Business Star, Manila Bulletin and Independent Daily News.