PRAGUE, Dec. 4, 2019 /PRNewswire/ -- Avast (LSE:
AVST), a global leader in online security products, today announced
its cybersecurity predictions for 2020 in its annual Threat
Landscape Report.
Avast Threat Experts anticipate the following security trends
for 2020:
Advancements in how PC malware is delivered
Avast's
Head of the Threat Intelligence Systems, Jakub Kroustek, expects
advancements to be made in terms of how malware is delivered to
PCs, with more sophisticated methods of spreading threats being
deployed. These include distribution via malicious emails, from
stealing incoming emails either to spy on victims or to add a
malicious payload to the email which is then sent back in the
conversation. Kroustek also predicts a resurgence of exploit kits,
indicated by his observation of a strong comeback in kits and
malware to be spread via supply chain attacks. Finally, we are
likely to see cybercriminals exploit RDP (Remote Desktop Protocol)
vulnerabilities to distribute threats.
Kroustek said, "Cybercriminals are constantly innovating and
looking for new ways to circumvent today's powerful personal and
business security solutions. Not only is it harder for people to
spot malicious emails or suspicious links and attachments, making
attacks more likely to be successful, but the exploitation of RDP
vulnerabilities to spread worm-like strains of threats could have
significant impact."
Mobile scams and iOS vulnerabilities
On the mobile
side, Nikoloas Chrysaidos, Head of Mobile Threat Intelligence and
Security at Avast predicts that more subscription scams and fake
apps will make their way onto official app stores, and that more
iOS vulnerabilities will be exposed by security researchers and bad
actors alike.
Chrysiados explains, "Getting malicious apps onto the Google
Play Store and the Apple App Store is not an easy task, which is
why cybercriminals are shifting towards subscription scams, and
fake apps integrated with aggressive adware to make money. We are
already seeing community projects, like checkra1n, providing
high-quality semi-tethered iOS jailbreaks based on the checkm8
bootrom exploit. While this could enable researchers to discover
more vulnerabilities, we hope they will be reported to Apple and
not abused by the bad guys."
Internet of Things (IoT) devices will become an even greater
target for hackers
Security researcher Anna Shirokova predicts devices and even
physical locations will become smart - or even smarter than they
already are - to be used by vendors to collect more data about
users in order to learn and predict their behavior.
"Smart devices and locations that collect data offer
convenience, but they limit people's control over their privacy.
Additionally, companies collecting and storing a plethora of
customer data make attractive targets for data hungry
cybercriminals looking to sell data for financial gain on
underground markets," explains Shirokova.
Shirokova also expects cybercriminals to continue adding
obfuscation to their IoT malware, similar to how cybercriminals
attempt to protect their Windows malware code from being analysed
by researchers.
Security researcher Daniel Uhricek foresees the development of
new exploits for smart devices and predicts that malware authors
will continue to build upon older, already established malware
families, expanding them with newly released exploits to widen
their IoT attack surface.
"Malware authors have also been making progress in preparing
their attack infrastructure. We have seen IoT malware adopting
DNS-over-HTTPS, Tor communication, proxies and different encryption
methods, and we expect malware authors will adopt other security
practices to make their botnets more robust," said Uhricek.
Privacy will become the new frontier for
security
Rajarshi Gupta, Head
of Artificial Intelligence at Avast, expects to see practical
applications of AI algorithms, including differential privacy, to
profit from big data insights as we do today, but without exposing
all the private details.
Gupta said, "There is recent work, like the Data Shapley, to
attribute value to individual pieces of data provided by users.
While we do not foresee a monetization of personal data in 2020,
per se, we hope to start seeing initial products that at least
allow individuals to take back control their own data, by deciding
whether and which companies can harness their data, and what data
they can use."
These trends form part of Avast's annual Threat Landscape
Report, which can be downloaded here.
About Avast:
Avast (LSE: AVST) is a global leader in
digital security products. With over 400 million users online,
Avast offers products under the Avast and AVG brands that protect
people from threats on the internet and the evolving IoT threat
landscape. The company's threat detection network is among the most
advanced in the world, using machine learning and artificial
intelligence technologies to detect and stop threats in real time.
Avast digital security products for Mobile, PC or Mac are
top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE
Labs, and others. Visit: www.avast.com.
Media contact:
pr@avast.com
View original content to download
multimedia:http://www.prnewswire.com/news-releases/mobile-scams-sophisticated-malspam-iot-malware-and-botnets-are-on-2020-prediction-list-from-avast-threat-experts-300968626.html
SOURCE Avast