These predictions are just a handful of the many threats we'll see. Our solutions need to evolve with the threats and provide multiple layers of protection Credit: Thinkstock The year 2017 saw some of the biggest cyberthreats in recent history, with millions of consumers and thousands of businesses affected by everything from the WannaCry attack to the Equifax and Uber data breaches. Gartner reports that worldwide, information security spending will reach $86.4 billion by the end of 2017 and the 2017 Cybercrime Report anticipates cybercrime damages to cost the world $6 trillion annually by 2021.So, how can businesses protect themselves from falling victim to next year’s most anticipated security attacks? I’ve compiled a list of five predictions highlighting new and evolving threats to watch out for and protect against in 2018.1. The cryptojacking “gold rush” will be the top priority for cybercriminalsCryptojacking activity began exploding toward the end of 2017 and we suspect that we will see far more activity in 2018, particularly as the value of cryptocurrencies escalates. What makes this kind of activity interesting is how it has created a blurry line between the everyday Internet user and the cybercriminal. An individual mining cryptocurrency could very well be mining for their own wallet, based on visitors to their own web properties. There is also a very likely chance within those circumstances that disclosed cryptojacking activity could replace advertising on sites to become an entirely new revenue stream. However, the largest portion of cryptojacking is likely to occur from legitimate websites compromised to mine currency for the criminal wallet. Regardless, cryptojacking will be one of the cybercrime activities to watch in 2018.2. We will see an increase in PowerShell-based attacksEarlier this year, entities of the Saudi Arabian government were compromised using a macro in Microsoft Word to infect the target’s computer with an information-stealing Trojan. Rather than retrieving a binary payload, the attack relied on malicious scripts to maintain persistence on the device and to communicate with compromised websites acting as proxies for the command and control server. These malicious script-based attacks, specifically PowerShell-based attacks, are incredibly difficult to identify. They can easily evade antivirus engines, making it that much more appealing to cybercriminals. I predict many more PowerShell attacks in the year to come. [ Related: How to protect your network from PowerShell exploits ]3. The cybercriminal underground will continue to evolve and growWhile it may seem like we are already overwhelmed by the amount of cyberattacks occurring daily, this will not slow down in 2018. In fact, with a recent increase in cybercriminal tools and a lower threshold of knowledge required to carry out attacks, the pool of cybercriminals will only increase. This growth is a likely response to news media and pop culture publicizing the profitability and success that cybercrime has become. Ransomware alone was a $1 billion industry last year. Joining the world of cybercrime is no longer taboo, as the stigma of these activities diminishes in parts of the world. To many, it’s simply a “good” business decision. At the same time, those already established as “top-players” in cybercrime will increase their aggressive defense of their criminal territories, areas of operations and revenue streams. We may actually begin to see multinational cybercrime businesses undertake merger and acquisition strategies and real-world violence to further secure and grow their revenue pipeline. 4. Security software will have a target on its backIn 2018, cybercriminals will target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can control devices and wholeheartedly manipulate users. Hackers will leverage and exploit security products, either directly subverting the agent on the endpoint, or intercepting and redirecting cloud traffic to achieve their means. As these events become more publicly known, the public and business perception of security software, particularly that of antivirus solutions, will further deteriorate.5. More cyber criminals will use worms to launch malwareIn 2017, we saw WannaCry and Trickbot use worm functionality to spread malware. More malware families will use this technique in 2018 because network compromise from worms spread faster than many other methods. If hackers can figure out how to use worms without being too noisy (a traditional downfall of this approach), this tactic can amass a large number of victims very quickly.These predictions are just a handful of the many threats projected to hit 2018. Every year, we see both the caliber and sophistication of breaches reach new heights with respect to loss and damages. At the same time, we are all becoming too comfortably numb with the daily breach headlines. We can’t cross our fingers and hope that our own company or PII (personal identifiable information) isn’t next on the news cycle.What we can do is enhance awareness, education and training of our employees and IT staff. Our employees are on the front lines of this cybercrime battle and one avoided click can save hours of down time for IT. At the same time, our solutions need to evolve with the threats and provide multiple layers of protection. With the new year, we have a fresh start and a new security page to write for 2018. Related content opinion How GDPR will affect small and midsized businesses GDPR went into effect May 25th and many small- to medium-sized businesses will be impacted whether they realize it or not. Although daunting, here are a few steps your company can take to be better prepared. By Justin Dolly May 29, 2018 5 mins Small and Medium Business Regulation Government opinion A first quarter look at cybercrime What did we learn about cybercrime in the first quarter of 2018? Malicious cryptomining has taken over and it’s leaving all other malware families behind. By Justin Dolly Apr 30, 2018 4 mins Cybercrime Security opinion Tax scams target businesses, too: attacks just the tip of the phishing spear There are too many people unaware of the issue and too many organizations that believe they are immune or that your business won’t be a target. By Justin Dolly Mar 28, 2018 5 mins Phishing Government Technology Industry opinion 7 ways to stay safe online on Valentine’s Day Looking for love in all the wrong places? Here are some helpful tips for safeguarding yourself while trying to find love on the internet. By Justin Dolly Feb 12, 2018 6 mins Technology Industry Data and Information Security Physical Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe