Supply Chain Management

Supply Chain Management (SCM) Software, Supply Chain Optimisation, Supply Chain Execution, hardware transport, supply-chain, distribution software, freight software and load planning in manufacturing and supply chain applications.

Supply chain nightmare: Kaspersky Lab’s Threat Predictions for 2018

16-Nov-2017
Supply chain nightmare: Kaspersky Lab’s Threat Predictions for 2018
In the coming year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018. Other hard-to-block attacks, such as those involving high-end mobile malware are also set to rise as attackers resort to new tricks to breach increasingly well protected targets.

The annual predictions are prepared by the company’s experts, drawing on the research and experience gained over the course of the year. For 2018, Kaspersky Lab has complemented the targeted threat predictions prepared by the Global Research and Analysis Team with a series of industry and technology threat predictions.

Top advanced targeted threat predictions for 2018
In 2017, supply chain attacks such as Shadowpad and ExPetya showed how easily third party software could be used to gain entry into enterprises. This threat is expected to increase in 2018 as some of the world’s most dangerous threat actors start adopting the approach as an alternative to watering hole techniques or because other attempts to break in have failed.

“Supply chain attacks have proven every bit as nightmarish as we had previously theorised. As advanced threat actors continue to gain access to vulnerable development companies, back-dooring of popular or regionally popular software will become an increasingly desirable attack vector. Supply chain attacks will allow attackers to successfully gain access to multiple enterprises in target sectors while flying under the radar of system administrators and security solutions alike,” said Juan Andrés Guerrero-Saade, Principal Security Researcher, Global Research and Analysis Team.

Other targeted threat predictions for 2018 include:
  • More high-end mobile malware. Over the last couple of years, the security community has uncovered advanced mobile malware which, when combined with exploits constitute a powerful weapon against which there is little protection. 
  • Destructive attacks will continue to rise. The Shamoon 2.0 and StoneDrill attacks reported in early 2017 and the June ExPetr/NotPetya attack revealed a growing enthusiasm for destructive wiper attacks. 
  • More attacks will lead with reconnaissance and profiling to protect attackers’ most precious exploits. Attackers will spend more time on reconnaissance and using profiling toolkits such as ‘BeEF’ to determine if a less-costly, non-zero day exploit will do. 
  • Sophisticated attacks will be found exploiting the bridge between the OS and firmware. The Unified Extensible Firmware Interface (UEFI) is the software interface between the firmware and the OS on modern PCs. Kaspersky Lab expects more threat actors will make use of UEFI’s highly advanced capabilities to create malware that can be launched before any anti-malware solution, or even the OS itself, has had a chance to start. 
  • More router and modem hacks. This well-known area of vulnerability has been largely ignored as a tool for advanced targeted attackers. They sit at a critical juncture for an attacker intent on gaining persistent and stealthy access to a network, and could even allow an attacker to hide their trail. 

Alongside these advanced threat predictions, Kaspersky Lab’s industry and technology threat predictions aim to help some of the most connected sectors understand and prepare for the security challenges they could face over the coming 12 months.

Top industry threat predictions for 2018 include
  • Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection. 
  • In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks grows. 
  • In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars. 
  • Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks, and are often exposed to the Internet. 
  • Kaspersky Lab also expects to see targeted attacks on companies for the purpose of installing cryptocurrency miners – and in time this could become a more lucrative, long term business proposition than ransomware.


The full Kaspersky Lab Threat Predictions for 2018 are available on Securelist.

Advanced Supply Chain Group expands into Middle East
1 day ago
Manhattan Associates Named a Leader in the Industry’s Top Order Management System Evaluation
1 day ago
ELEVATE – The Command Alkon Conference Welcome Celebration Sure to Be One Attendees Won’t Soon Forget
5 days ago
How Stowga helped bring bootleg moonshine into new markets
6 days ago
InfinityQS bolsters its global channel partner program following an agreement with Tata Consultancy Services
1 week ago
Jupiter Chain and Deloitte collaborate to deliver secure blockchain-driven data exchange platform
1 week ago
JDA Named a Most Admired Company for the Third Year in a Row
1 week ago
Intelligent automation could add $512 billion to the global revenues of financial services firms by 2020
1 week ago
GateHouse Logistics and Elemica Partner to Accelerate Secure Data Sharing in Chemical and Process Industries
1 week ago
Inverarity Morton Awards BCP Contract To Develop New Supply Chain Management System
2 weeks ago
SAP Ariba Teams With SAP to Support Burger King’s Digital Transformation
2 weeks ago
SAP Introduces Intelligent Capabilities for Digital Supply Chain
2 weeks ago
GPM Investments Moves to Customer-Centric Category Management with JDA
2 weeks ago
GE Transportation And MatchBack Systems Help Drive Marine Terminal Efficiencies
2 weeks ago
BlueFinity International has appointed Ashwood Computer as a distributor for Evoke
2 weeks ago
Design Thinking and Intelligent Technologies
3 weeks ago
What is the ePrivacy Regulation? And what does it mean for my business?
3 weeks ago
SIJ Acroni optimizes production with Quintiq in bid to remain top steel producer in Europe
3 weeks ago
GarudaFood Expands JDA Footprint to Digitalize its Supply Chain
4 weeks ago
Independent Research Cites Manhattan Associates as a Strong Performer in Point of Sale Evaluation
4 weeks ago
Logility Positioned as a Leader in the 2018 Gartner Magic Quadrant for Supply Chain Planning System of Record
4 weeks ago
No-deal Brexit scenario shows the need for a flexible IT landscape
4 weeks ago
Delivering a Digital Supply Chain for the Digital Age
1 month ago
TECSYS Announces Appointment of Jeromie Atkinson as Senior Director, Supply Chain
1 month ago
LLamasoft Named to Inc. 5000 List of Fastest Growing Private Companies for Fourth Year
1 month ago
AWECO Polska Appliance Upgraded to Latest Version of Infor LN in Nine Months
1 month ago
JDA Partners with Microsoft to Power Data-Driven Digital Transformations in the Cloud
1 month ago
Command Alkon on The Forces of Change That Drive Digitization in Construction
1 month ago
Education for the disadvantaged: AEB`s foundation launches initial partnerships with charitable organizations
1 month ago
Getronics completes acquisition of ITS Overlap in France
1 month ago
SaaS Momentum Fuels JDA’s Strong Q2 Results
1 month ago
Enhance Your E-commerce Supply Chain Profitability With Effective Reverse Logistics
1 month ago
Jungheinrich supports new Global Edition board game to promote supply chain learning
1 month ago
BASF Targets End-to-End Supply Chain Transparency with Kinaxis
1 month ago
Jungheinrich launches new training course
1 month ago
Infor Expands Partnership with OpenSesame to Deliver Curated eLearning Training Courses
1 month ago
Paul Fox named Global Head of Sales and appointed to Management Board of Getronics
2 months ago
Infor Wins Major Digital Contract to Support Danube Home’s Regional Expansion
2 months ago
BEUMER Group is shaping digital transformation in intralogistics: Transformation is inevitable
2 months ago
DataArt listed on UK Government’s G-Cloud 10
2 months ago
Infor Appoints Jonathan Wood to General Manager for IMEA
2 months ago
AvantiGas chooses Six Degrees for an international-scale multi-cloud platform for streamlined operations
2 months ago
Dematic launches Customer Day series with Smart Sortation
2 months ago
Watami Selects Infor as Supply Chain Management Platform
2 months ago
GateHouse Logistics and Cargo Chief Partner to Reduce Empty Miles and Enhance Service in the US Supply Chain
2 months ago
Gartner Says Worldwide Supply Chain Management Software Revenue Grew 13.9 Per Cent in 2017
2 months ago
BluJay Accelerates Supply Chain Efficiency for Customers with Updates to its Global Trade Network Platform
2 months ago
Getronics completes acquisition of Pomeroy creating a Billion dollar plus leading global IT services platform
2 months ago
Supply chain software vendor FuturMaster announces record first half for 2018
2 months ago