Days after Sophos issued its security trends report, Kaspersky Labs is following up with a report of its own. Kaspersky outlined what it sees as key security trends of 2012 and predictions of core threats of 2013.
Kaspersky's most notable predictions for 2013 include the continued rise of targeted attacks, cyber-espionage and nation-state cyber-attacks, the evolving role of hacktivism, the development of controversial "legal" surveillance tools and the increase in cybercriminal attacks targeting cloud-based services.
"In our previous reports we categorized 2011 as the year of explosive growth of new cyber threats. The most notable incidents of 2012 have been revealing and shaping the future of cyber security," said Costin Raiu, director of the Global Research and Analysis Team at Kaspersky Lab.
"We expect the next year to be packed with high-profile attacks on consumers, businesses and governments alike, and to see the first signs of notable attacks against the critical industrial infrastructure. The most notable trends of 2013 will be new example of cyber warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats."
Drive-By Android Hits
Kaspersky noted that 2012 has been the year of explosive growth in mobile malware, with cybercriminals' primary focus being the Android platform because it is the most popular and widely used. In 2013 the firm predicts the likelihood of a new alarming trend -- the use of vulnerabilities to extend "drive-by download" attacks on mobile devices.
What does this mean? According to Kaspersky, personal and corporate stored on smartphones and tablets will be targeted as frequently as it is targeted on traditional computers. For the same reasons -- rising popularity -- new sophisticated attacks will be performed against owners of Apple devices as well.
Ted Demopoulos, principal analyst at Demopoulos Associates, said Android is poised to become the new Windows when it comes to malware.
"Android is an enormous target, just like Windows, and the enormous growth of
mobile devices as compared to normal PCs means that it may surpass
Windows in the not too distant future," Demopoulos told us.
"Also, most Android devices do not sit behind the corporate firewall, do
not run anti malware/anti virus, and the common practice of co-mingling
business and user data means there is extreme danger ahead -- or enormous
opportunity for attackers."
Cyber Espionage and Social Networks
Kaspersky also predicted state-sponsored cyber warfare will continue in 2013. During 2012, Kaspersky Lab discovered three new major malicious programs that were used in cyber warfare operations: Flame, Gauss and miniFlame. While Flame was the largest and most sophisticated of the cyber-espionage programs, the firm said, its longevity was its most prominent characteristic.
"Being at least a 5-year-old project, Flame was an example of a complex malicious program that could exist undetected for an extended amount of time while collecting massive amounts of data and sensitive information from its victims," the report said. Kaspersky Lab's experts expect more countries to develop their own cyber programs for the purposes of cyber-espionage and cyber-sabotage. These attacks will affect not only government institutions, but also businesses and critical infrastructure facilities.
Of course, social networks remain a target. Kaspersky said new threats that affect both consumers and businesses have drastically changed the perception of online privacy and trust.
"As consumers understand that a significant portion of their personal data is being handed over to online services, the question is whether or not they trust them," the report said. "Such confidence has already been shaken following the wake of major password leaks from some of the most popular Web services such as Dropbox and LinkedIn. The value of personal data -- for both cybercriminals and legitimate businesses -- is destined to grow significantly in the near future."