Attack Growth Next Year

Friday, December 7, 2012 @ 04:12 PM gHale

If even half the predictions come true, next year should be an incredibly busy year for security professionals as there should be a continued rise of targeted attacks, cyber espionage and nation-state cyber attacks, an evolving role of hacktivism, the development of controversial “legal” surveillance tools and the increase in cybercriminal attacks targeting cloud-based services.

Targeted attacks on businesses have only become a prevalent threat within the last two years and next year will see even more attempts, according to Kaspersky Lab’s experts who outlined key security trends of 2012 and the outlook for next year.

Major Security Pain: Mobile Devices
New Year Threat Forecast
Lockheed: Attacks Up ‘Dramatically’
Agencies Join in Security Plan

Targeted attacks, with the purpose of cyber-espionage should continue in 2013 and beyond, becoming the most significant threat for businesses, said the researchers at Kaspersky Lab. Another trend that will likely impact companies and governments is the continued rise of hacktivism and the politically-motivated cyber-attacks.

“In our previous reports we categorized 2011 as the year of explosive growth of new cyber threats,” said Costin Raiu, director of Global Research & Analysis Team at Kaspersky Lab. “The most notable incidents of 2012 have been revealing and shaping the future of cyber security. We expect the next year to be packed with high-profile attacks on consumers, businesses and governments alike, and to see the first signs of notable attacks against the critical industrial infrastructure. The most notable trends of 2013 will be new example of cyber warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats.”

State-sponsored cyber warfare will undoubtedly continue in 2013. In fact, during 2012, Kaspersky Lab discovered three new major malicious programs used in cyber warfare operations: Flame, Gauss and miniFlame.

While Flame was the largest and most sophisticated of the cyber espionage programs, its longevity was its most prominent characteristic. Being at least a five-year-old project, Flame was an example of a complex malicious program that could exist undetected for an extended amount of time while collecting massive amounts of data and sensitive information from its victims.

Kaspersky Lab researchers expect more countries to develop their own cyber programs for the purposes of cyber espionage and cyber sabotage. These attacks will affect not only government institutions, but also businesses and critical infrastructure facilities.

Development of social networks and new threats that affect consumers and businesses, have drastically changed the perception of online privacy and trust. As consumers understand that a part of their personal data ends up handed over to online services, the question is whether or not they trust them. Such confidence took a hit after the password leaks from web services such as Dropbox and LinkedIn.

The value of personal data – for cybercriminals and legitimate businesses – should grow significantly in the near future.

This year has seen an explosive growth in mobile malware, with cybercriminals’ primary focus being the Android platform, as it is the most popular and widely used. In 2013 we are likely to see a new alarming trend – the use of vulnerabilities to extend “drive-by download” attacks on mobile devices. This means that personal and corporate data stored on smartphones and tablets will be as big a target is it is on traditional computers. For the same reasons (rising popularity), new sophisticated attacks will be performed against owners of Apple devices as well.

As vulnerabilities in mobile devices become an increasing threat for users, computer application and program vulnerabilities will continue to suffer from exploits on PCs. Kaspersky Lab named 2012 the year of Java vulnerabilities, and in 2013 cybercriminals will continue to exploit Java on a massive scale. Although Java will continue to be a target for exploits, the importance of Adobe Flash and Adobe Reader as malware gateways will decrease as the latest versions include automated update systems for patching security vulnerabilities.

Leave a Reply

You must be logged in to post a comment.