The campaign against malware is ongoing – this is still one of the largest forms of cyberattacks affecting businesses and individuals across the world. To give an idea of the scale of the issue, in early 2019, a team of researchers were able to close down nearly 100,000 websites that were actively distributing malware. And yet this work only scratched the surface in terms of the amount of malware out there.
Yes, the world of malware continues to evolve, and the challenges facing cybersecurity professionals grow. However, it is important to be armed with as much information as possible in order to find the best ways to combat the issue. With that in mind, this article will take a look at malware distribution in 2020 to consider what we can expect from the cybercrime over the coming year.
Attacks will become more sophisticated
If there is one thing that we can be certain about in terms of malware in 2020, it is that the attacks and campaigns will become more sophisticated. While simple, direct attacks are still common, there are other types of attack which are no longer simplistic – they are powerful coordinated efforts that can disguise malware and evade the traditional defences that businesses typically have in place.
Crucially we are likely to see attacks that actually use different types of malware depending on the phase of the attack. This means that your cyber defences will need to be prepared for malware attacks that take multiple forms.
More attacks on cryptocurrencies
One use of malware that we can expect to see a lot more in 2020 is attacks on cryptocurrencies themselves. It was recently reported that Bitcoin’s blockchain had been utilised by malware in order to update – ultimately meaning that it would still be able to run even if it has been blocked by a device’s antivirus software.
While Bitcoin itself was unaffected by this usage, other forms of malware have been able to mine the open-source cryptocurrencies Monero. As criminals find weaknesses in the blockchain they can use it both as a way to attack the cryptocurrencies themselves, as well as to strengthen their attacks on other sites.
Attackers will attempt to capture data in transit
In 2020 we are also likely to find an even larger number of attackers finding ways to utilise Wi-Fi routers as well as poorly secured Internet of Things (IoT) devices in a range of different ways. Specifically, routers and IoT hubs will be targeted in order for criminals to get access to the rich data that is passing through them.
There are forms of malware that can be used with a router in order to display spoofed websites in order to trick users to enter data. Others can do the directly, capturing bank credentials and payment details. This has become necessary for criminals, as businesses typically do not store the sensitive card credit data themselves, so it is only when the data is passing through the router that it can be stolen.
Malware used for more than just data theft
When we think of malware attacks, it is typically believed that their purpose is to steal data or extort money from the victim. However, we are now beginning to see many types of malware being used for a wide variety of purposes. In 2020, these sorts of non-theft forms of malware are likely to become more common.
For example, malware might be used as a tactic to disrupt a business’ SEO efforts for the benefit of competitors. Another type of malware is the kind of attack that might be used in cryptojacking. In a cryptojacking attack, malware will take hold of an unknowing computer system and then use its computing power in order to mine Bitcoin and other cryptocurrencies.
Ultimately, in 2020 we can expect to that malware attacks will become more common – and this should be a cause for concern for any IT professional in charge of cybersecurity for a business. The varieties of malware distribution are growing enormously, and the types of attack being seen are more sophisticated. It will be down to businesses to ensure that they are putting in the correct investment to protect themselves from an attack.
About the Author: Chester Avey
Chester Avey has over a decade of experience in cybersecurity and business growth consultant. He enjoys sharing his knowledge with other like-minded professionals through his writing. Find out what else Chester has been up to on Twitter: @Chester15611376.