The Anti-virus Times

Thursday, December 27, 2018

The New Year is coming, and that means it’s time to sum things up and take a look at predictions for 2019. Why are we interested in forecasts? Well, they let us compare our personal viewpoint with that of other companies and security researchers.

Simply magnificent!

Criminals have long been using underground call centres to contact the targets of their scams or render "technical support" to organisations. Such services are offered on hacker forums on a regular basis. Contacting people by phone is way more effective than sending them spam emails because the attack can be truly personalised, and the imposter can quickly make changes to whatever it is they are proposing to their would-be victim in order to best persuade them to fall for their scam.

However, a lone hacker can't set up a call centre and perform all the tasks by themselves. A call centre requires premises and human resources and involves staff recruitment and dismissal. Essentially, one has to establish a company even though it would be operating in violation of the law. And that means someone may get arrested.

Bots are devoid of such shortcomings. Crooks can upload these software programs on compromised servers and discard them when necessary with no regret whatsoever. It is teaching the robots how to maintain a long meaningful conversation that remains problematic. But it is quite possible that smarter programs will appear in the coming years, and then we'll witness a sharp increase in the number of phone scams. This prospect is not particularly pleasant.

Machine learning also opens up new opportunities for blackmailing and intimidation. And it can be hard to punish those responsible.

Alas, no anti-virus can protect one from such attacks.

Attacks on industrial facilities aren’t yet a trend, even though many experts were talking about them this year and in previous years. Despite their predictions, a sharp increase in the number of attacks remains unlikely. Why? Because large companies don't like to pay a ransom—recall what happened during the WannaCry and NotPetya outbreaks. Orchestrating an attack of this sort may require a lot of resources, whilst a positive outcome is very unlikely.

Meanwhile, attacks on routers and adware numbers are guaranteed to increase. The ability to easily compromise network devices offers excellent opportunities for criminals to display ads without any personal computers showing signs of compromise.

Russia actually proposed such a treaty, but the proposal was declined. So, in general, we’re sceptical.

Attacks targeting infrastructures and designed to cause panic. An unlikely outcome, too, because such actions could spark a war. However, precedents exist—just recall the attack carried out against root DNS servers, with the goal of disrupting the Internet.

But jokes being played? That’s entirely possible. Abuse a city infrastructure to post a fake message, or hack into a competitor’s traffic control system to ruin their reputation—things like that have already happened.

As you know, WannaCry is a conventional worm of this type, and it is still active. Companies and ordinary users are still neglecting to install updates. So, as for that prediction, we say it is entirely possible. The number of outbreaks isn’t likely to be great, but even one such species can cause turmoil.

For years, experts have been frightening people with talk of impending attacks over wireless networks, but in reality attacks of this kind are few. The reason is simple: expensive hardware is required to mount the attacks, while the number of potential victims is relatively small. So it is possible, but unlikely.

Mounting an attack of this kind is difficult, so we probably won't witness many of those. However, one-off attacks involving biometric markers are possible.