Prominent on last year's malware scene were the Angler and Nuclear exploit kits, both of which, like the other top exploit kits, mostly took advantage of vulnerabilities in Flash to do their dirty work. But Sean Sullivan, Security Advisor in F-Secure Labs, predicts in the report that Google Chrome will kill Flash support in early 2017, and Mozilla Firefox and Microsoft Edge will follow. Sullivan predicts that by spring of 2017, Flash will no longer bear fruit for exploit kit makers.
Exploits, which have become one of the most common vehicles for malware in the past decade, need out-of-date software in order to accomplish their goal of getting through security holes. But that software, Sullivan says, will be harder and harder to find. For example, with HTML5's capability to "do it all", the need for third-party browser plugins has mostly been eliminated. And today's browsers themselves are auto-updated, without the need for the user to intervene, so users always have the latest version.
Other programs don't offer much fruit. Microsoft's software is much more secure than it used to be, and patches roll out very quickly. Adobe's other software is more and more cloud-based, rather than being local on people's machines. And browser developers have forced Java into a restricted place. So what will happen to exploit kits if there's no new fruit?
"Hopefully, they die," Sullivan says. "Wouldn't be the first time that a business model collapsed in the malware scene. Or they may focus on browsers, but then they'll need to find zero day vulnerabilities."
Macro malware re-appears
As exploit kits face an eventual decline, the report predicts that commoditized malware services will only accelerate their use of email attachment-based malware schemes. One such scheme is macro malware, which re-emerged in 2015 after lying low since the early 2000s.
Malware authors use the macro feature in Office to embed malicious code in documents they email as attachments. With Office 2003, Microsoft changed default settings to no longer run macros automatically, making attacks much more difficult. Today's macro malware attempts to get around Microsoft's default settings by displaying text in the opened document claiming that it is a "protected" document that requires the user to enable macros.
Other Notable Highlights from F-Secure's 2015 Threat Report:
More information:
Threat Report: Malware, the Dukes, and how Systems become Compromised
As Cyber Threats Die, Old Attacks Re-emerge
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.