Supply Chain Management

Supply Chain Management (SCM) Software, Supply Chain Optimisation, Supply Chain Execution, hardware transport, supply-chain, distribution software, freight software and load planning in manufacturing and supply chain applications.

Supply chain nightmare: Kaspersky Lab’s Threat Predictions for 2018

16-Nov-2017
Supply chain nightmare: Kaspersky Lab’s Threat Predictions for 2018
In the coming year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018. Other hard-to-block attacks, such as those involving high-end mobile malware are also set to rise as attackers resort to new tricks to breach increasingly well protected targets.

The annual predictions are prepared by the company’s experts, drawing on the research and experience gained over the course of the year. For 2018, Kaspersky Lab has complemented the targeted threat predictions prepared by the Global Research and Analysis Team with a series of industry and technology threat predictions.

Top advanced targeted threat predictions for 2018
In 2017, supply chain attacks such as Shadowpad and ExPetya showed how easily third party software could be used to gain entry into enterprises. This threat is expected to increase in 2018 as some of the world’s most dangerous threat actors start adopting the approach as an alternative to watering hole techniques or because other attempts to break in have failed.

“Supply chain attacks have proven every bit as nightmarish as we had previously theorised. As advanced threat actors continue to gain access to vulnerable development companies, back-dooring of popular or regionally popular software will become an increasingly desirable attack vector. Supply chain attacks will allow attackers to successfully gain access to multiple enterprises in target sectors while flying under the radar of system administrators and security solutions alike,” said Juan Andrés Guerrero-Saade, Principal Security Researcher, Global Research and Analysis Team.

Other targeted threat predictions for 2018 include:
  • More high-end mobile malware. Over the last couple of years, the security community has uncovered advanced mobile malware which, when combined with exploits constitute a powerful weapon against which there is little protection. 
  • Destructive attacks will continue to rise. The Shamoon 2.0 and StoneDrill attacks reported in early 2017 and the June ExPetr/NotPetya attack revealed a growing enthusiasm for destructive wiper attacks. 
  • More attacks will lead with reconnaissance and profiling to protect attackers’ most precious exploits. Attackers will spend more time on reconnaissance and using profiling toolkits such as ‘BeEF’ to determine if a less-costly, non-zero day exploit will do. 
  • Sophisticated attacks will be found exploiting the bridge between the OS and firmware. The Unified Extensible Firmware Interface (UEFI) is the software interface between the firmware and the OS on modern PCs. Kaspersky Lab expects more threat actors will make use of UEFI’s highly advanced capabilities to create malware that can be launched before any anti-malware solution, or even the OS itself, has had a chance to start. 
  • More router and modem hacks. This well-known area of vulnerability has been largely ignored as a tool for advanced targeted attackers. They sit at a critical juncture for an attacker intent on gaining persistent and stealthy access to a network, and could even allow an attacker to hide their trail. 

Alongside these advanced threat predictions, Kaspersky Lab’s industry and technology threat predictions aim to help some of the most connected sectors understand and prepare for the security challenges they could face over the coming 12 months.

Top industry threat predictions for 2018 include
  • Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection. 
  • In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks grows. 
  • In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars. 
  • Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks, and are often exposed to the Internet. 
  • Kaspersky Lab also expects to see targeted attacks on companies for the purpose of installing cryptocurrency miners – and in time this could become a more lucrative, long term business proposition than ransomware.


The full Kaspersky Lab Threat Predictions for 2018 are available on Securelist.

Kuebix’s 2018 Supply Chain Mid-Year Review and Predictions: What’s Happened and What’s Still to Come
2 weeks ago
How companies create mobile apps that look just as good on smart watches as desktops with low code tools
2 weeks ago
SAP Announces New Suite of Solutions to Modernize CRM and a New Data Management Suite
2 weeks ago
Tricentis expands, providing self-service access to GDPR-compliant test data from production environments
2 weeks ago
Digitize, innovate, evolve: Software provider AEB unveils new identity
2 weeks ago
JDA and HCL Technologies Announce Alliance Agreement for JDA Commerce, SofTechnics, and PRM Solutions
2 weeks ago
Laidlaw Forges Ahead with Infor
3 weeks ago
Building Over Beverages is Back in Action on Command Alkon’s “Radio on Command”
4 weeks ago
Infor Announces New Financial APIs in its Infor OS platform
4 weeks ago
Gartner Announces Rankings of the 2018 Supply Chain Top 25
1 month ago
E2open Delivers Unified User Experience for Supply Chain and Sales Operations
1 month ago
Exostar Extends Secure Supply Chain Management Collaboration Suite to Support Digitalization Initiatives
1 month ago
Zeppelin Rental Builds Its Business on AX4
1 month ago
Jabil Speeds Digital Transformations with Supply Chain Intelligence
1 month ago
How is the digital revolution transforming customs processes? AEB and DHBW Stuttgart launch online survey
1 month ago
JDA Launches “JDA Luminate” Next-Generation SaaS and Digital Edge Solutions
1 month ago
Getronics appoints Rogier Bronsgeest as new COO
1 month ago
Iptor and Protelo Commence Value-Added Reseller Partnership
1 month ago
Digital logistics also pays dividends for the environment
1 month ago
SAP IoT Startup Accelerator: Supercharging the Smart Factory
1 month ago
Gartner Says Global Artificial Intelligence Business Value to Reach $1.2 Trillion in 2018
1 month ago
Greater precision for the supply chain
1 month ago
Descartes to display its extensive range of solutions for supercharging supply chain operations at Multimodal
1 month ago
SAP Unveils First-of-Its-Kind Pricing Model
2 months ago
Logility University Offers Education and Certification Courses to Accelerate Supply Chain Optimization
2 months ago
Auconet, Now With Beta Systems, Showcases NAC for IT, OT, ICS & SCADA, at RSA 2018
2 months ago
“Digital Revolution Makes Logistics a Key Economic Factor”
2 months ago
LLamasoft Names Razat Gaurav CEO
2 months ago
HighJump Showcases New Innovations For Supply Chain Business Intelligence And Automation At Modex 2018
2 months ago
Integrated global trade compliance: Tosoh Europe automates screening of export shipments with AEB
2 months ago
SAP Completes Acquisition of Callidus Software Inc.
2 months ago
TECSYS Introduces the Ultimate Monetizing and Billing Management System (BMS) for Third-Party Logistics
2 months ago
Dr. Ralf Garlichs to be appointed to the Managing Board of Siemens Postal, Parcel & Airport Logistics
2 months ago
At Hannover Messe, SAP Presents End-to-End Solutions for the Digital Factories of Tomorrow
2 months ago
Turning a digital vision into real technology
2 months ago
EY and JDA Collaborate to Transform Supply Chains Across Industries
2 months ago
CaroTrans International Selects Infor GT Nexus Commerce Network for Advanced e-Commerce
2 months ago
Implico Technology Wins Tank Storage Award
2 months ago
Disruption in logistics: Key trends for 2018
3 months ago
IBM Partners with SAP on Cognitive Field Services Solution for IM&C Companies
3 months ago
Hallite Selects Avaap for Infor M3 CloudSuite Upgrade
3 months ago
Ternua Group chooses Lectra Fashion PLM 4.0
3 months ago
Dematic opens new state-of-the-art offices in Lithuania
3 months ago
Upgrade for Salesforce: AEB business partner screening app available in leading CRM AppExchange
3 months ago
Hapag-Lloyd Launches Digital Rate Distribution on CargoSphere
3 months ago
TECSYS Reports Financial Results for Third Quarter of Fiscal 2018
3 months ago
The Man With the Plan for Innovation at SAP: Juergen Mueller
3 months ago
Technology propelled by Industry 4.0 brings new opportunities for the fashion industry
3 months ago
Kuebix Founder Bestowed with Supply Chain Pros to Know Award
3 months ago