{"id":12873,"date":"2018-01-23T14:45:41","date_gmt":"2018-01-23T19:45:41","guid":{"rendered":"https:\/\/www.firewalls.com\/blog\/?p=12873"},"modified":"2025-11-12T15:40:37","modified_gmt":"2025-11-12T20:40:37","slug":"malware-forecast","status":"publish","type":"post","link":"https:\/\/www.firewalls.com\/blog\/malware-forecast\/","title":{"rendered":"3 Things All Organizations Should Learn from the SophosLabs 2018 Malware Forecast"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

WannaCry. NotPetya. KRACK. BadRabbit–with all the new friends we made in 2017, organizations have to wonder what the new year has in store in regard to cyber security. A meteoric rise in ransomware has the healthcare industry on its toes. Corporate email breach rates are soaring. Surely there must be someone that can help us make sense of it all!<\/p>

Well, Sophos can. A few months ago SophosLabs released its 2018 Malware Forecast<\/a>. In this week\u2019s blog post, we\u2019ll look at the data, the predictions, and what business owners should take away from the research. Ready to get secure and stay secure in 2018?<\/strong> Keep reading to learn how you can pull it off.<\/p>

3 Key Points of the SophosLabs Malware Forecast<\/h2>

1. Ransomware-as-a-Service is the New Normal<\/h3>

The real boogeyman in the world of cyber security is no longer individual hackers, but the toolkits and custom code they distribute. The Dark Web is littered with DIY exploit kits and pre-built ransomware payloads just waiting to be aimed and fired, for a price. Any Joe Shmoe off the street can bring a hospital campus to a grinding halt, even if they can\u2019t tell a secure socket from an electrical socket. Ransomware-as-a-Service is an all-inclusive heist-in-a-box that even low-tier baddies can use to separate your organization from its wallet.<\/p>

Just how commodified has ransomware become? Well, why not watch the world’s first commercial for a ransomware toolkit<\/strong>?<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
<\/div>\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

What It Means for You<\/strong><\/h4>

More attempts, spam and danger lurking around every corner. Sure, these DIY exploiters may not have the expertise or dedication that hackers of old once touted, but cybercrime in 2018 is a numbers game<\/strong>. Expect to see the total number of attempted attacks rise as ransomware-as-a-service kits multiply and the entry threshold for cyber criminals’ lowers.<\/p>

2. Windows is Still Vulnerable<\/h3>

As the author of the report states, \u201cthe Windows threat landscape hasn\u2019t changed much in the past year\u2026\u201d Realistically, that\u2019s no better news than claiming the yapping dog next door hasn\u2019t been barking much louder than usual. One important trend that SophosLabs reported was an increased concentration of attack payloads nested in Microsoft Office applications. Droppers like these execute macros inside Windows documents to deliver their payload, turning innocent-looking files into landmines. If anything, these improvements in the world of Office exploits translate into shorter attack time frames and more efficient exploits.<\/p>

What It Means for You<\/strong><\/h4>

Like years past, the most likely attack vector against your organization in 2018 will be an attachment in your inbox. However, expect phishing attempts that are more deceptive, more persuasive, and, should you fall victim, more unforgiving. Tag teamed with a blossoming ransomware-as-a-service sector, and we can expect Windows exploits that are deployed more dynamically than ever. The turnaround time is shrinking between when new vulnerabilities are discovered and attack payloads being built to exploit them.<\/p>

3. Cybercriminals As Opportunistic Hunters<\/h3>

The bad guys are wasting less of their time on targets that won\u2019t pay up. That\u2019s bad news for those of us that don’t have the luxury of choice. The healthcare, government, and education industries will have inescapable targets looming over their heads throughout 2018. Healthcare in particular is already attacked more frequently than any other sector. Each instance of ransomware attack is an experiment. Criminals are learning who will convert into a sale and which targets are least prepared.<\/p>

What It Means for You<\/strong><\/h4>

Cybercrime is a growing industry and like any budding industry, they are piecing together their target audience and exploring strategies to shorten their \u201csales funnel.\u201d With ransomware, that’s accomplished by targeting critical infrastructure, medical records, and sensitive financial information. If your industry touches on those goalposts, you\u2019ve probably made it onto the bad guys\u2019 shortlist.<\/p>

How Can I Prepare for 2018?<\/h2>

Adware, spyware, and viruses are all very much real and salient worries. But let\u2019s not kid ourselves about who the big bad final boss is on this level: ransomware<\/strong>. Any industries that could find themselves staring down the barrel of a custom-design exploit kit should be preparing for that possibility by putting preventative measures in place. Step one is as easy as learning as much as possible about ransomware, so why not hop over to our article “Ransomware Warfare: How to Protect Your Files From Hostage Takers<\/a>” to brush up on your safety basics?<\/p>

Sophos Intercept X<\/a> is a powerful weapon that most organizations should be adding to their arsenal. Intercept X is designed to run alongside any other endpoint applications on your system, so most network environments will welcome it. Intercept X is built to go toe-to-toe with zero-day threats because Sophos analyzes threats based on behavior rather than known signature<\/strong>. Behavior-based scanning ensures that even if an attack has never been documented before, it\u2019s still going to get the ax if it walks like ransomware, talks like ransomware, and smells like ransomware. In an era of bespoke and rapid-deployment ransomware, we can no longer rely on only fighting the enemies we’re familiar with.<\/p>

However, the most impressive feature of Intercept X is its ability to literally roll back damage from ransomware that lands on your system. Even if ransomware makes it onto your network and manages to encrypt a few files, Intercept X will be able to shut the attack down, restore your files, and reverse the damage right before your eyes<\/strong>. In fact, you can watch it demonstrated in this one-minute video:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t