Predictions for 2019

Estimated reading time: 2 minutes

The new year is around the corner and as we prepare for it, we wanted to take a look at what we should expect, here are some of our predictions for the coming year

Malware evasion will spread further and wider

According to a recent research by Security Week, 98% of malware uses at least one evasion technique to prevent its execution in sandbox environments, the same study indicate that around a third of malware uses 6 or more techniques, a rise from around 70% in 2015 according to Lastline’s research.

In the coming year, we’re going to see an increase in both the amount of malware using multiple techniques and the number and quality of available techniques.

Ransomware and Cryptominers will merge into more lucrative threats

Ransomware is wreaking havoc for several years now and while we see a decrease in numbers in favor of Cryptominers, we’re going to start seeing a new type of threat that combines the two to maximize the revenues from each infection. Considering that both threats rely heavily on cryptography to gain money (differing mainly in the way they generate revenue), it could be profitable for malware authors to continue utilizing the device’s resources from one functionality to the other to maximize revenue.

Machine vs. AI vs. Machine

Last year we started seeing threat actors generating malware that bypasses not just traditional Antivirus products but also ML/AI based solution. This year the trend continued and evolved as more malware authors utilized ML/AI to counteract the defensive ML/AI.

This year we’re going to see the trend evolving further as exploit kits and malware-as-a-service will offer malicious, easy to use ML/AI capabilities to allow creating evasive malware even more easily and more quickly to novice and unsavvy threat actors as well, and not just the advanced ones.

The year of Endpoint-Deception

While deception is gaining momentum year-to-year, mainly for network-deception as Symantec announced adding their interpretation to their Endpoint Protection suite last year and recently purchasing Javelin networks (Active Directory deception), we’ll see more vendors developing network-deception into their products, cooperating with or buying existing players in the field.

Additionally, the coming year is going to see endpoint-deception taking new grounds as more enterprises will implement deception-based solutions for their endpoints to increase security.

Wishing you a happy and safe new year!
Sagi and the Deceptive Bytes team…