2018 saw the emergence of new malware, ransomware and other innovative ways of exploiting vulnerabilities in cyber systems.
Here a few of the cyber threats that defined the year.
VPNFilter
VPNFilter is a malware program which is believed to have been developed by Fancy Bear APT Group. The malware has been hiding in a number of routers and storage devices since 2016 and is able to carry out DDoS attacks, brick devices and extract data. It also contains special modules which allow it to propagate through networks while encrypting its devious traffic easily.
VPNFilter was found to have infected hundreds of thousands of devices. The levels of infection were particularly high in Ukraine where the government announced that they thwarted an attempt to compromise a chlorine distillation plant using VPNFilter.
Check your device for VPN Filter: http://www.symantec.com/filtercheck/
Spectre and Meltdown
Spectre and Meltdown are a series of CPU vulnerabilities which open up the possibility for an entirely new class of bugs. The vulnerabilities have been found in chips created by Intel, ARM, AMD, and IBM which are used in a lot of hardware products.
The flaw was found in the processor optimization functionality. Researchers found that hackers can use this flaw to access information on those devices.
Public disclosure about this vulnerability came after months of secretive attempts to create fixes. Efforts to come up with a lasting solution uncovered next-generation versions of Spectre and Meltdown.
Intel stated that their next generation of chips would be designed with specifications that will protect them from such attacks.
Mining Malware
2018 was an exceptional year for cryptocurrency mining malware. The price of Bitcoin declined steadily throughout the year but the number of crypto jackers being developed has gone up, and Coinhive was the most ruthless one of all.
This crypto jacker concentrates on mining Monero which has features that make the mined coins challenging to trace. Coinhive was designed as a legitimate program for people looking for new ways to monetize their sites, but hackers are using it to steal processing power. One report suggested that Coinhive managed to infect almost thousands of websites and network devices.
Stay safe out there and let's hope for a better 2019.