As Ankit Anubhav pointed out a few slides back, evasion techniques are all in rage right now.
Predicting that malware authors will add "evasion techniques" to malware source code is... kind of lazy... but we're not the experts here.When NewSky Security, McAfee, RiskIQ, and FireEye all predict that "evasion techniques" will be popular in 2019, they're not just mailing a prediction in. Making malware invisible to antivirus has always been a main preoccupation for malware authors, but now, more than ever, cyber-criminals appear to be interested in these techniques.
Over the past years, these "evasion techniques" have been small malware components that make a few clever checks to detect sandbox environments. But in 2019, cyber-security firms see "evasion techniques" go to another level.
"Think the counter-AV industry is pervasive now? This is just the beginning," McAfee said in its predictions report. "We predict in 2019, due to the ease with which criminals can now outsource key components of their attacks, evasion techniques will become more agile due to the application of artificial intelligence."
The same thing is also echoed in FireEye's predictions report, and in RiskIQ's report, where CTO Adam Hunt says that "threat actors will be using machine learning" too, and not just the cyber-security industry.
These predictions are not a surprise, as machine-learning-based security products have been popping up left and right. It's no stretch of the imagination to hear that malware authors are also exploring machine learning and AI in search of methods of evading their competition.
Join Discussion