Intelligent CISO Issue 23 | Page 19

cyber trends Threat actors will expand their abuse of legitimate services for hosting and distributing malicious email campaigns, malware and phishing kits. high-ransom attacks on servers and endpoints in mission-critical environments that are most likely to pay to decrypt their files for rapid recovery – to continue this year. Additionally, organisations will increasingly find that once they are victims of ransomware, they have already been compromised with a versatile malware strain that creates potential future vulnerabilities and exposes data and intellectual property. www.intelligentciso.com | Issue 23 Complex infection chains While most users have largely been conditioned to avoid attachments from unknown senders, the increasing prevalence of cloud applications and storage means that we are all conditioned to click through links to view, share and interact with a variety of content. Threat actors will continue to capitalise on this, both because of its effectiveness in social engineering and because URLs can be used to mask increasingly complex infection chains that make detection more difficult than a simply linked payload. Whereas URLs frequently linked to an executable for a malicious document in the past, this year will see increases in the use of URL shorteners, traffic distribution systems and other hops to hide final payloads from defenders and automated systems. 19