The effective and timely identification of malware is one of the greatest challenges for IT security today. This is due not only to the sheer number of new malware variants but also to their sophisticated obfuscation, which overwhelms conventional signature-based protection technologies.
Fileless malware in particular is a growing problem here, since it is not tied to executable files and leaves little or no trace on the hard drive. Above all, memory-based malware is popular with hackers: it is active in main memory, sets up command channels there and then carries out operations independently, such as downloading further Trojans.
Prominent representatives of fileless malware are the Trojans Emotet and Trickbot, which will continue to keep IT staff busy this year, as effective endpoint protection technologies are still not being used comprehensively.
Growing threat potential from MacOS
For many years now, MacOS has had a reputation for being a relatively attack-proof operating system. The Apple OS is considered to be far less susceptible to malware and cyberattacks than the market leader Windows. Although the majority of malware still targets Windows and Linux, Mac users should not underestimate the threat situation, since they are not immune to compromises or dangerous infections either: the security researchers at SentinelOne identified at least ten malware programs of various types specifically targeting MacOS, and there is a tendency for cyber criminals to focus more and more on Apple's Mac platform, which points to a further increase in MacOS-specific malware.
Ransomware is becoming more personalized
At least since the large-scale, global WannaCry and NotPetya campaigns in 2017, we have known that ransomware is a serious problem that is difficult to control. This will not change in the near future either. On the contrary, we are seeing ransomware attacks become increasingly personalized and more targeted, whether ransomware is developed for specific countries or industries or attackers encrypt particularly valuable or sensitive data instead of simply encrypting everything indiscriminately.
Automation is becoming indispensable in security
Today’s security managers face the great challenge of having to monitor and protect every corner of their network - from the endpoint to the cloud. Departments that rely on passive threat detection quickly reach their limits, since they must manually correlate, analyze, and evaluate an almost infinite amount of data. In times of a shortage of skilled workers, overworked IT teams and a complex threat landscape, this is a Sisyphean task. Therefore, protection solutions based on automation should be at the top of a CI(S)O's priority list, whether the area is endpoint security, password and identity management or data analysis. (Source: SentinelOne)