Heimdal Online Security – In the first half of 2016, we have seen the cybercrime marketplace move in the direction of making malware and exploit kits more easily available to those interested in carrying out cyber attacks.
Almost anyone can now purchase malware and various exploit kits, which are pretty much ready to use.
So far, 2016 has also brought new evolutions in ransomware, confirming many of the trends we anticipated at the end of last year, including the fine tuning and enhancements of attack vectors. Other areas have evolved different from what we expected, with encryption levels going as far as 4096-bit in the case of the still active CryptoWall and the defunct TeslaCrypt.
So looking towards the second half of 2016, here's what should expect from the cyber crime industry if you are a CIO, CISO or a malware expert.
Starting from the beginning of the attack path, we foresee that cyber attacks will evolve in 3 main directions over the next 6 months or more:
Refined delivery via email: advanced spam filter probing; incorporated statistics for delivery, open and click rates Advancing malware delivery via web channels: continuously enhanced exploit kits and delivery customized to breach specific endpoint defenses Substantially increased malware sophistication: intelligent ransomware, with supplemental DDOS capabilities. Let's first dive more into details about how malware delivery and online scams involving malicious software can evolve over the next half a year and beyond.