F-Secure Predicts Exploit Kits May Become a Thing of the Past

Image Attribution: Opendns.com

The cybersecurity experts at F-Secure believe that exploit kits may soon become obsolete. That’s the analysis provided in F-Secure’s 2015 Threat Report, which was just published on the F-Secure website.
In the report, F-Secure says that cybercriminals will eventually give up on trying to use exploit kits such as Angler and Nuclear while shifting their focus to other means of carrying out attacks. Given the fact that so many software vendors are steering away from suites such as Adobe Flash and Java, the surface area for attacks becomes dramatically reduced.
F-Secure predicts that Microsoft Edge, Firefox and Google Chrome will all begin discontinuing support for Flash in 2017. Exploit kits provide malware with a method of infecting a user’s device, however, these exploits typically rely on flash or other browser add-os being out-of-date.
Given these new developments, experts have begun asking, “What will hackers try to exploit next?”
Sean Sullivan, Security Advisor at F-Secure says, “(It) wouldn’t be the first time that a business model collapsed in the malware scene. Or they may focus on browsers, but then they’ll need to find zero day vulnerabilities.”
Sullivan goes on to explain that the rise in cloud services may also help fend off malware, given the fact that many of these documents will now be displayed in a secure cloud interface.
Another mitigating factor for malware is the fact that Microsoft and other vendors have become increasingly keen to unsuspecting attacks by rapidly producing updates for the latest threats.
What does F-Secure predict that cybercriminals will do next?
F-Secure says that it has noticed a trend in which spammers are now sending out emails that have macros included in the attachments. This “old-school” method of deploying malware relies on the user’s inability to discern legitimate emails from illegitimate emails. Click here to read F-Secure’s comprehensive 2015 threat report.