2015 is drawing to a close and that can mean only one thing – it’s time to make 2016 predictions! Some people like to prognosticate about which celebs will be dating; others focus on economic forecasts. Some people attempt to prophesy the outcomes of their fantasy football leagues.
Here at ZoneAlarm we extend our “totally secure, all the time” mantra to peering into the future as well. After all, the bad guys always have one eye on the future, so you should too if you want to stay safe.
To that end, we bring you ZoneAlarm’s predictions for the top 4 PC threats in 2016. These threats are already active, but they seem to be ramping up their game in an alarming way and all of us need to be prepared for them.
Banking malware has been around for quite some time and it tends to be a favored method of attack for the bad guys. It’s not hard to see why, really. Banking Trojans steal millions of dollars from personal and corporate accounts each year, and the trend is spiraling upwards. As convenient as it is to do all of your banking from the comfort of your home, this trend has given hackers and scammers a whole new playing ground on which to steal your money.
Banking malware made its debut in 2006 with the powerful Zeus Trojan, one of the most notorious banking Trojans of all time and one that inspired a whole new trend in the world of malware. From then on, banking malware has become more sophisticated and harder to detect. Some banking Trojans come via email attachments, and some infiltrate computers via injected code. (Injected code is malicious code that takes advantage of vulnerabilities within operating systems or computers to attack them.) Once the Trojan is inside, it lies dormant until the unwitting user logs on to their bank. The hacker can then steal passwords and login credentials and use them to access the victim’s account.
In the past few years, we’ve seen the rise of a few new versions of banking malware (such as Dridex and Dyre) which infiltrate computers via infected email attachments. Dyre works by compromising banks’ SSL certificates. SSL, by the way, stands for Secure Sockets Layer. SSL certificates are what allow transactions to be made securely over the internet. Dyre is able to breach these certificates, monitor users’ banking activities, and wire money straight out of people’s accounts.
Banking malware is big business, so don’t expect to see it slow down any time soon. Sadly, crime sometimes does pay, at least in the short run.
Back in the old days, scam artists stood on street corners looking for bait, unsure if anyone would “bite”. Lucky for them (and unlucky for us), our obsession with social media and email has created a dream landscape for these charlatans. With the click of a button, thousands of spammy emails can be sent to unwitting people, making a scammer’s job so much easier.
Phishing, as it’s referred to in the cyber security world, is the art of attempting to obtain sensitive information, such as passwords and login credentials, by posing as a trusted entity via email, social media messages or any other digital means. The “phisher” sends an email or message via social media to a target, pretending to be a well-known company (such as Amazon.com), the person’s boss, a member of the IT department, or anyone else a victim might trust. Once the criminal has convinced the target that they are legit, they make their move, compelling victims in crafty ways to give over information.
Phishing has been around since about 1995, but it didn’t get much press for almost a decade. Then, in 2004, phishers spoofed emails from sites like eBay and PayPal, successfully duping thousands of people. Since then, countless hacks have started with a simple phishing attack. In one high-profile story, a White House employee clicked on a link in an email that was supposedly sent by the US State Department. It was actually sent by a cybercriminal and enabled hackers to gain access to the government’s network.
At the moment, there are dozens of phishing variations floating around the internet. It may just be a matter of time before an email from the Exchequer of Swaziland winds up in your inbox. According to James Moore, a consultant at Phish’d, a security firm which trains employees to avoid phishing attacks, certain people, even those who have learned about the risks of opening emails, are hardwired to be trusting and want to connect with others. This makes it harder for them to discern threats. In other words, phishing is not going to disappear any time soon because humans are just that – human.
Ransomware, as we mentioned in a recent blog post, is malware that restricts usage of your computer in some way or another. It holds your computer (and your data) ransom and demands payment in the form of bitcoins to release the information.
Ransomware first appeared on the malware scene in 1989, in one of the earliest known malware attacks called PC Cyborg. The malicious scheme came in the form of malware on disks that would boot up properly 89 times. On the 90th attempt, all of the files on the victim’s computer would be hidden. To restore files, victims had to send $189 to the malware creator, who was later deemed mentally unfit to stand trial for his crimes. From that point onwards, ransomware has evolved into a highly sophisticated racket, causing victims worldwide much grief and frustration.
Attacks like Reveton come in the form of spam emails supposedly from the FBI or local police agencies, splashing an alarming notice on the victim’s screen that the agency has found incriminating information on the computer, which has been locked. In order to unlock the files, the victim needs to call a certain number and pay the unlock fee via credit card. There are also more advanced ransomware versions like CryptoLocker and CTB-Locker, which lock mobile devices with encryption. These versions access computers by way of infected attachments and injected code. Another variant of the encryption-locking family is TeslaCrypt, which lurks in online games. Most recently, Chimera started locking computers with the tweak that if victims don’t pay up, their files will be dumped onto the internet for all to see.
Ransomware is a big problem and one that pays off very well for the perpetrators. In 2012, it was estimated that CryptoDefense (another member of the Crypto family) hackers were raking in $34,000 a day. And from September 2013 through March 2014, over 500,000 people were infected with CryptoLocker. Only about 1.3% of victims paid, but the heist brought in over $27 million from those who did pay. At the moment, the “Crypto” family of ransomware is causing users the biggest headache – newly minted versions seem to appear every few weeks. So expect to see a lot more about ransomware in the news in 2016.
We all know that adware is annoying. Nobody likes pop-ups and we hate ads that seem to stalk us wherever we turn. As annoying as it is, however, adware isn’t generally malicious. It’s just very frustrating. But then there is Vonteera. Until recently, Vonteera was just another annoying but benign form of adware. Recent research, however, has shown that Vonteera has gone rogue and is actually doing bad things. Very bad things. By changing certain settings, the adware disables the security certificates for certain antivirus programs, rendering them useless. Vonteera has proven itself to be quite persistent, changing browser shortcuts and infecting browsers as well.
This comes on the heels of an ongoing debate about the usage of adware in general. As we stated above, adware is super annoying and can be an opening to other, more malicious programs. Opponents of adware posit that these ads have no place on the internet and users should have the right to block them by using ad-blocking software. Proponents argue that these ads are how advertisers and websites make money. If ads are not viewed because they are blocked, website owners will have to start charging for access.
This is a powerful dispute, and one that doesn’t appear to have a clear-cut solution. One thing, however, is for certain – adware and its implications will be a hot topic in 2016.
The one thing that all of these issues have in common is that, as scary as they are, you can do something to protect yourself against them. Unlike the hacked traffic lights we told you about a few months ago, you have the power to secure your digital information and identity. Protect yourself with a powerful antivirus and firewall program, such as ZoneAlarm’s own PRO ANTIVIRUS+ or EXTREME SECURITY. These programs monitor your computer all day and all night, to make sure that you are protected from even the most recent threats. All ZoneAlarm products come with a powerful firewall that ensures that no private information leaves your PC without your permission. And all ZoneAlarm products come with free backup, which is crucial in protecting yourself against the possibility of ransomware.
So make sure you’re equipped to face the security challenges of 2016. It will certainly be a challenging year when it comes to online security, but that doesn’t mean it has to be a dangerous one. Just make sure you have solid protection on your PC, and always approach the internet with a grain or two of salt (and skepticism). Peering into the future, we predict you’ll be happy you did.