Predictions, predictions, predictions. Where they worth their weight, we would all have been consumed in the aftermath of the "Mayan apocalypse." So much for predictions... but what about trend analysis? That's a subject worthy of consideration for cybersecurity professionals and the organizations they seek to protect as we move into the new year. So what's hot on the vulnerability scene? McAfee Labs claims that analysis of the 2012 threatscape indicates that in 2013 mobile devices will continue to be a favored target of cybercriminals, critical infrastructure may see an onslaught of more coordinated attacks, Crime-as-a-Service (CaaS) will prosper, and the age of the Anonymous hacktivist collective will likely wane. While the report is not groundbreaking, it does make for an interesting read.
The assessments are part of the 2013 Threat Predictions report predicated on data collected by the company's Global Threat Intelligence (GTI) analysis of malware evolution, disclosed vulnerabilities, active exploits, and other forms of cyber-based maladies identified throughout the previous year, and are intended to act as a baseline for preparations to address prioritize mitigation efforts.
On the mobile malware front, the researchers see the emergence of the Android/Marketpay.A Trojan as a prominent tool to be utilized by attackers to facilitate fraudulent purchases of applications unbeknownst to the victims, as well as the proliferation of ransomware attacks that seek to hold a target's data and devices hostage by locking up units and issuing demands for payment in order to restore the device's functions.
"The harsh reality of these schemes is that users have no way of knowing if their device will be unlocked even if they do meet the perpetrator’s demands. Since attackers hijack the users’ ability to access data, victims will be faced with either losing their data or paying a ransom in the hope of regaining access," the researchers stated.
The report also sees signs of continued growth in Crime-as-a-Service (CaaS) offerings on the black market as the providers flock to invitation-only forums which make their advertising efforts more anonymous and the task of identifying the criminal networks behind the services that much more difficult for law enforcement. The stealthy Citadel Trojan is specifically noted as a contender for becoming the malware of choice among cybercriminals as it evolves ever better detection evasion features.
"With the recent release of Citadel Rain, the Trojan can now dynamically retrieve configuration files, enabling a fraudster to send a targeted payload to a single victim or a selection of victims. Detection will become more difficult as the footprint on the endpoint is minimal until the attack actually occurs," the report notes.
The Anonymous hacktivist movement will most likely succumb to a lack of centralized coordination and an increase in false flag operations seeking to use the group as a scapegoat to conceal the identities and motivations of unknown attackers, according to the research. While attacks will continue, the actors and targets will more often be nation states and "patriot groups self-organized into cyberarmies" according to the analysis. "State-related threats will increase and make the headlines while suspicions about government-sponsored attacks will grow."
The targets of these attacks will increasingly be networks that govern critical infrastructure, with end goal being the destruction of systems vital to production, communications, and utility operations, according to the report. "If attackers can install destructive malware on a large number of machines, the result can be devastating," the researchers warned, advising that these networks should be sufficiently air-gapped from networks connected to the Internet to make the task of infection that much more difficult for the attackers, which most agree is a no-brainer.
While the report probably contains little in the way new information for most security professionals, it could prove useful to those who are trying to make the case to the executive class regarding where resources should be directed in the coming year, and thus has some level of value.
“Our 2013 Threat Predictions provides the general public, governments and businesses not only with the top risks in the year to come to be aware of, but also the preventative measures that should be taken to avoid those risks from occurring. Only by understanding and preparing for threats, can we empower people to secure their information,” said McAfee Labs' senior vice president Vincent Weafer.
- About Corero
- Investor Relations
- News Room
- Executive Management Team
- Corero Offices
- Contact Us