Three Malware Predictions for the Remainder of 2014

Posted by Hugh Docherty on Mon, Aug 25, '14

As summer is drawing to a close, it is useful to take a quick look ahead to the end of the year to determine what we can expect on the malware front. After all, 2014 has brought about many new developments in malware. In this blog post, we explore a few malware predictions for the balance of the year.

#1: The “leaking” of Botnet source code will continue to rise.

Traditionally, botnet source code has remained under the protection of its authors and is often sold for a high price. Recently, working botnet source code has been leaked. This enables less skilled actors to create new botnets and, often, morph them in ways never intended by the original author. For example, the leaking of Zeus source code a few years ago led others to develop Gameover Zeus variants, which replaced Zeus’s traditional centralized command and control (C&C) link with a peer-to-peer network of infected devices. Gameover added backup communications mechanisms and gave the botmasters more flexibility in setting rules for the botnet’s behavior, such as the ability to participate in widespread DDoS (distributed denial-of-service) attacks.

#2: Alert fatigue of SIEM device users will grow.

In a recent article published on DarkReading, Joshua Goldfarb discussed how security professionals often experience alert fatigue and become desensitized to security alerts. The reason, argues Goldfarb, is that many organizations experience a low signal-to-noise ratio, meaning that there is a high volume of signals, the majority of which are noise. He offers the recent breaches at Target and Neiman Marcus as examples of instances where alerts were issued but were not handled properly by internal security teams. We’ve also discussed this issue in the past on this blog. What Incident Response teams actually need is trustworthy (but verifiable) threat intelligence data that can be consumed in an automated and machine-readable fashion.

#3: Mobile devices will continue to be an increasing threat.

As users continue to focus on mobile devices and web services, so have malware authors. Android attacks have grown in complexity and maturity this year, and well-hidden attacks like Darkleech placed thousands of web servers under malicious control. Today more than 99% of new mobile malware is designed to target Android, according to a Q1 2014 Mobile Threat Report by security firm F-Secure Corp. But by no means are Apple iPhones or iPads immune. The number of documented vulnerabilities for iOS (Apple iPhone and iPad) increased by 82% in 2013, according to a Symantec report. As mobile use and BYOD continue to increase in popularity, so will mobile malware threats.

What do you think is on the horizon for malware between now and the end of the year? Share your thoughts in the comments section below.



Topics: Malware
