Symantec Security and Malwares Attacks Predictions for 2013: Stakes, Threats for internet users
Since the middle of November 2012, we have an Opportunity to learn more about, what the online security companies like Symantec thinks about security issues, realties challenge, threats, we will face during 2013.
After having talked to hundreds of security experts, at Symantec to gather their thoughts and ideas and despite the fact that predictions always involves a bit of speculations, Symantec has decided to derive their predictions for 2013.
First, Cyber conflict seems to become the norm: In 2013 and beyond, conflicts between nations, organizations, and individuals will play a key role in the cyber world.
Espionage can be successful and also easily deniable when conducted online. Any nation state not understanding this has been given many examples in the last two years. Nations or organized groups of individuals will continue to use cyber tactics in an attempt to damage or destroy the secure information or funds of its targets. In 2013, we will see the cyber equivalent of saber rattling, where nation states, organizations, and even groups of individuals use cyber attacks to show their strength and “send a message.”
Symantec expects:’’ more attacks on individuals and non-government organizations, such as supporters of political issues and members of minority groups in conflict. This type of targeting is currently seen when hacktivist groups are aggravated by an individual or company.’’
3. Madware adds to the insanity: mobile adware, or “madware,” is a nuisance that disrupts the user experience and can potentially expose location details, contact information, and device identifiers to cybercriminals. Madware, which sneaks onto a user device when they download an app, often sends pop-up alerts to the notification bar adds icons, changes browser settings, and gathers personal information.
4. Monetization of social networks introduces new dangers: as consumers, we place a high level of trust in social media—from the sharing of personal details, to spending money on game credits, to gifting items to friends. As these networks start to find new ways to monetize their platforms by allowing members to buy and send real gifts, the growing social spending trend also provides cybercriminals with new ways to lay the groundwork for attack.
Symantec anticipates an increase in malware attacks that steal payment credentials in social networks or trick users into providing payment details, and other personal and potentially valuable information, to fake social networks. This may include fake gift notifications and email messages requesting home addresses and other personal information. While providing non-financial information might seem innocuous, cybercriminals sell and trade this information with one another to combine with information they already have about you, helping them create a profile of you they can use to gain access to your other accounts.
5. As users shift to mobile and cloud, so will attackers: attackers will go where users go, and this continues to be to mobile devices and the cloud.
It should come as no surprise that mobile platforms and cloud services will be likely targets for attacks and breaches in 2013. The rapid rise of Android malware in 2012 confirms this.
Also, as unmanaged mobile devices continue to enter and exit corporate networks and pick up data that later tends to become stored in other clouds, there is increased risk of breaches and targeted attacks on mobile device data. As users add applications to their phones they will pick up malware.
Some mobile malware duplicates old threats, like stealing information from devices. But it also has created new twists on old malware. For example, in the age of modems threats existed which dialed 900 numbers owned by hackers. Today mobile malware sends premium text messages to accounts that bad guys can profit from. In 2013 you can be sure mobile technology will continue to advance and thereby create new opportunities for cybercriminals.
For example, as eWallet technology becomes more widely used, it will become yet another platform hackers attempt to exploit. Mobile devices will become more valuable as mobile carriers and retail stores transition to mobile payments and continue defining new product frontiers. Just as we saw the Firesheep threat emerge to take advantage of Wi-Fi users, we will see criminals use malware to hijack payment information from people in retail environments. Some payment systems are widely used by technical novices and may have vulnerabilities that allow information to be stolen.
At the end, Symantec adds: 2013 will also press the limits of the SSL mobile infrastructure. The increase in mobile computing will strain the SSL mobile infrastructure in 2013 and reveal a core issue: Internet activity on mobile browsers is not subject to proper SSL certificate handling. To exacerbate the problem, much of this mobile Internet usage is being handled by unsecure mobile applications which bring additional risk to the table, such as man-in-the-middle attacks.
Comments