WatchGuard warns of Vaporworms, Global Internet Disruption and Rogue AI Chatbots for 2019

Predictions from WatchGuard Threat Lab include the next evolution of ransomware, escalating nation-state attacks, biometric hacking and Wi-Fi protocol security.
WatchGuard Technologies’ information security predictions for 2019 include the emergence of ’vaporworms’, a new breed of fileless malware with wormlike properties to self-propagate through vulnerable systems, along with a takedown of the internet itself and ransomware targeting utilities and industrial control systems. WatchGuard’s Threat Lab research team developed these predictions based on an analysis of major security and threat trends over the past year.
“Cyber criminals are continuing to reshape the threat landscape as they update their tactics and escalate their attacks against businesses, governments and even the infrastructure of the internet itself,” said Corey Nachreiner, Chief Technology Officer at WatchGuard Technologies. “The Threat Lab’s 2019 predictions span from highly likely to audacious, but consistent across all eight is that there’s hope for preventing them. Organisations of all sizes need to look ahead at what new threats might be around the corner, prepare for evolving attacks and ensure they’re equipped with layered security defences to meet them head-on.”
The WatchGuard Threat Lab’s 2019 Security Predictions are:

  1. Vaporworms or Fileless malware worms will emerge. Fileless malware strains will exhibit wormlike properties in 2019, allowing them to self-propagate by exploiting software vulnerabilities. Fileless malware is more difficult for traditional endpoint detection to identify and block because it runs entirely in memory, without ever dropping a file onto the infected system. Combine that trend with the number of systems running unpatched software vulnerable to certain exploits and 2019 will be the year of the vaporworm.
  2. Attackers hold the Internet hostage. A hacktivist collective or nation-state will launch a coordinated attack against the infrastructure of the internet in 2019. The protocol that controls the internet (BGP) operates largely on the honour system, and a 2016 DDoS attack against hosting provider Dyn showed that a single attack against a hosting provider or registrar could take down major websites. The bottom line is that the internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points underpinning the internet or abuse the underlying protocols themselves.
  3. Escalations in State-level cyber-attacks force a UN Cyber Security Treaty. The UN will more forcefully tackle the issue of state-sponsored cyber-attacks by enacting a multinational Cyber Security Treaty in 2019.
  4. AI-Driven chatbots go rogue. In 2019, cyber criminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware or sharing private information.
  5. A major biometric hack will be the beginning of the end for single-factor authentication. As biometric logins like Apple’s FaceID become more common, hackers will take advantage of the false sense of security they encourage and crack a biometric-only login method at scale to pull off a major attack. As a result, 2019 will see strong growth in the use of multi-factor authentication (MFA) for added protection among groups with more security knowledge, particularly push-based authentication and MFA for Cloud application defence.
  6. A nation-state to take ’Fire Sale’ attacks from fiction to reality. In the Die Hard movie series, a ‘fire sale’ was a fictional three-pronged cyber-attack, targeting a city or state’s transportation operations, financial systems, public utilities and communication infrastructure. The fear and confusion caused during this attack was designed to allow the terrorists to siphon off huge sums of money undetected. Modern cyber security incidents suggest that nation-states and terrorists have developed these capabilities, so 2019 may be the first year one of these multi-pronged attacks is launched to cover up a hidden operation.
  7. Hackers to cause real-world blackouts as targeted ransomware focuses on utilities and industrial control systems. Targeted ransomware campaigns will cause chaos in 2019 by targeting industrial control systems and public utilities for larger payoffs. The average payment demand will increase by over 6500 percent, from an average of $300 to $20,000 per attack. These assaults will result in real-world consequences like city-wide blackouts and the loss of access to public utilities.
  8. A WPA3 Wi-Fi network will be hacked using one of the six Wi-Fi threat categories.
    Hackers will use rogue APs, Evil Twin APs, or any of the six known Wi-Fi threat categories (as defined by the Trusted Wireless Environment Framework) to compromise a WPA3 Wi-Fi network, despite enhancements to the new WPA3 encryption standard. Unless more comprehensive security is built into the Wi-Fi infrastructure across the entire industry, users can be fooled into feeling safe with WPA3 while still being susceptible to attacks like Evil Twin APs.

www.watchguard.com
Additional Materials

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Dallmeier - securitybuyer.com

Dallmeier presents the MK4 revision of the DMS 2400

With the new MK4 revision of the DMS 2400, Dallmeier introduces an even more powerful version of its proven video appliance.
security Institute - securitybuyer.com

Security Institute Announces New Directors

The Security Institute held its Annual General Meeting (AGM) on the 8th of July at the Millennium Hotel & Conference Centre…
ASSA ABLOY - securitybuyer.com

BG100 Speedgate Recognised with Red Dot Award

Combining an Aesthetically Appealing Design, Function and Innovation, the BG100 Speedgate Sets New Benchmark for …
Product Spotlight - Videx - securitybuyer.com

Product Spotlight – Era Series

VIDEX presents its new series of outdoor compact video door entry systems, Era Series, and showcases their durability, configuration…
Security Institute - SecurityBuyer.com

The Security Institute Hosts Second Young People’s Skill Building

The Security Institute was honoured to host its second annual Young People’s Skill Building Event on Monday 23rd June, held …
Hanwha Vision - Security Buyer

Hanwha Vision unveils powerful AI remote-head camera

Hanwha Vision, the global vision solution provider, launches the AI remote-head camera, featuring a single-body…
Christina Alexander Judge - SecurityBuyer

Christina Alexander Announced as Security Buyer Awards Judge

Security Buyer is proud to announce Christina Alexander as the latest addition to the distinguished judging panel for the Security…
Milestone - SecurityBuyer

Milestone Systems updates across XProtect, BriefCam, Arcules

Milestone Systems today announced updates across its complete security technology portfolio with releases for XProtect
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
Altronix - SecurityBuyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
Scroll to Top