Cybercriminals will focus even more on mobile devices in 2013, but Anonymous attacks will decline. So says McAfee's 2013 Threat Predictions report.
"Cybercriminals and hacktivists will strengthen and evolve the techniques and tools they use to assault our privacy, bank accounts, mobile devices, businesses, organizations and homes," said Vincent Weafer, senior vice president of McAfee Labs. "Only by understanding and preparing for threats can we empower people to secure their information."
Mobile Threats Rising
The number of mobile threats increased dramatically in 2012, as ransom-ware expanded into mobile devices. McAfee predicts the development and deployment of increasingly sophisticated ransom-ware technologies that will "lock up" a phone or tablet and threaten to keep it that way until a ransom is paid, will be a prominent trend in 2013.
The security firm says users have no way of knowing if their device will be unlocked even if they do meet the perpetrator's demands. Since attackers hijack the users' ability to access data, McAfee said, victims will be faced with either losing their data or paying a ransom in the hope of regaining access.
McAfee also pointed to a new mobile worm it expects will go on a major shopping spree in 2013. The Android/Marketpay.A Trojan horse program buys apps without user permission. In 2013 cyber-crooks will take this malware's app-buying payload and add it to a mobile worm so attackers won't need victims to install a piece of malware, the firm predicted.
And it seems mobile phones with NFC-enabled "digital wallets" are an easy target for cyber-thieves. McAfee expects attackers to create mobile worms with NFC capabilities to steal money via the "bump and infect" method, most commonly used in areas with dense populations like airports and malls.
The Decline of Anonymous
Due to many uncoordinated and unclear operations and false claims, McAfee predicts the Anonymous hacktivist movement will slow down in 2013. Anonymous' level of technical sophistication has stagnated and its tactics are better understood by its potential victims, and as such, the group's level of success will decline. While hacktivist attacks won't end in 2013, if ever, they are expected to decline in number and sophistication.
"Nation-states and armies will be more frequent actors and victims of cyberthreats. Patriot groups self-organized into cyberarmies have had little impact up until this point, but their actions will improve in sophistication and aggressiveness," the report said. "In 2013, many more of the world's military units will be on the front line of social networks communicating more frequently. State-related threats will increase and make the headlines, while suspicions about government-sponsored attacks will grow."
McAfee also noted how cybercriminals are notorious for going onto public forums to make business deals with other criminals to offer not only software, but also hacking as a service. As the number of invitation-only criminal forums requiring registration fees is increasing to make forums more secure and anonymous, the firm predicts these offers will be easier to find on the Internet in 2013.
"Citadel will become the Trojan of choice among cybercriminals -- with the recent release of Citadel Rain, the Trojan can now dynamically retrieve configuration files, enabling a fraudster to send a targeted payload to a single victim or a selection of victims," the report said. "Detection will become more difficult as the footprint on the endpoint is minimal until the attack actually occurs."
Posted: 2013-01-14 @ 12:41am PT
Great article! There isn't a security threat that you can think of that some security company's marketing literature doesn't promise a solution for. But despite the zeal of marketers and the production of many great security solutions, there are still many threats to enterprise IT that simply cannot be offset, mitigated or prevented by a single technology solution. There also is a lot of misinformation out there that makes for uninformed security professionals and software developers. It's not uncommon to hear things like "well, I run a web vulnerability scanning tool that catches the majority of vulnerabilities", or "my Web Application Firewall mitigates any security holes in my applications" or "the frameworks we use prevent developers from writing insecure code." I cringe when I hear this because I know from experience that tools, frameworks and technologies can only automate, protect, and sandbox your software applications so much. Here's a great article on what tools, technologies and best practices can and cannot protect against: http://blog.securityinnovation.com/blog/2012/12/securing-application-it-systems-what-tools-technologies-and-best-practices-can-and-cannot-protect-ag.html. Hope you find it useful!