Déjà vu again: major 2018 cyberattack trends include IoT botnets, ransomware and DDoS


regewgweIt’s a tale as old as time, isn’t it? With the dawning of every year we get geared up for all the new experiences sure to occur over the course of the next dozen months. Everything will be different! Novel! Exciting! Nearly without fail, however, it’s the same old same old relentlessly unfolding as we get steadily older and slightly wiser.

Cyberattack trends are generally no exception to this unfortunate pattern. Three things that made us miserable in 2017 are looking like they’re going to keep up the hard work in 2018.

Bigger and bigger IoT botnets

A botnet, for those who aren’t familiar with the term, is a network of computers and other internet-connected devices that have been infected with malware which allows them to be controlled by third parties, often from across the world. Back when internet-connected devices were basically desktop and laptop computers, botnet builders had to work to get past computer safety measures like anti-malware programs. Botnet builders nowadays don’t know how good they have it.

Thanks to the billions of unsecured or rather undersecured devices in the Internet of Things (IoT), builders have been able to amass botnets consisting of hundreds of thousands of so-called smart devices by exploiting default usernames and passwords. With these massive botnets comes previously-unseen amounts of malicious traffic, often used in DDoS attacks (see below).

Word is out on the security issues with IoT devices and manufacturers are responding, designing devices with better built-in security and changing those default usernames and passwords. However, obviously, not all manufacturers or consumers are ever going to get on-board. Furthermore, the latest large and in charge IoT botnets have moved beyond passwords and are actively hacking smart devices for botnet purposes. The recruitment of devices for ever-bigger botnets is a problem that isn’t going away anytime soon.

A DDoS attack onslaught

Distributed denial of service (DDoS) attacks are a from of denial of service or DoS attack on steroids. Instead of the one computer vs. one server of a DoS attack, DDoS attacks use the incredible collective computing resources of botnets to thump websites offline.

It’s unnerving having all those behemoth IoT botnets out there, and they’ve certainly done serious damage in the past (think the series of Mirai record-setting attacks from fall 2016), but DDoS attacks are going to be a problem in 2018 whether or not those IoT botnets end up getting in on the action.

DDoS for hire services are still making bank, the Bitcoin industry has vaulted into the top 10 most targeted, and after a period in which those for-hire services and their low-volume attacks ruled the scene, professional attackers are once again becoming a major threat and have even come up with a new attack method specially designed to disarm appliance-first hybrid mitigation solutions: the pulse wave attack. It would be great if the big DDoS trend of 2018 were every website and business investing in professional cloud-based DDoS protection, but until then, a generalized onslaught will continue to top the list.

Ransomware regrets

The globally successful WannaCry ransomware attack was a game-changer, in a way. It was an attack so big it took ransomware mainstream, grabbing headlines around the world and making its way into plotlines on shows like Grey’s Anatomy and Chicago Med. It didn’t change enough of the game, however, because months later when the Petya ransomware attack hit, many of the high-profile WannaCry victims (Britain’s National Health Service, FedEx, Nissan and Telefonica, to name a few) fell victim once again.

Ransomware damages were expected to exceed $5 billion in 2017, up from $325 million in 2015. This steep increase comes thanks to the 4,000 daily attacks that have been occurring since the beginning of 2016, and with the dividends these attacks are paying, that is not a number that’s going to do anything but rise in 2018. Furthermore, with every major ransomware attack learning from the one that came before it, we can expect more high-profile attacks that take down major organizations because even if they managed to smarten up after Petya, the next attempts are going to be even more sophisticated than the ones that came before.

Changing the future

The next year doesn’t necessarily have to be all doom and gloom and unfortunate familiarity. Maybe IoT device manufacturers will start equipping devices with anti-malware measures, and maybe a bigger number of device owners will stay on top of their own security efforts. Maybe organizations will all get DDoS protection. Maybe they’ll also get high-level protection against malware to prevent ransomware attacks. Maybe you’ll stick with those yoga classes instead of going to a muffin shop twice a week. Or maybe you’ll go to a muffin shop twice a week instead of going to yoga because that sounds much better. We must be the change we want to see.

Published by Kidal Delonix (987 Posts)

Kidal Delonix is a contributor to Mr. Hoffman's blog. The views and opinions are entirely his/her own and may not reflect Mr Hoffman's views.

Leave a Reply