In 2013 and beyond, conflicts between nations, organisations, and individuals will play a key role in the cyber world, according to predictions from computer security software firm, Symantec.
Grant Brown, security practices expert at Symantec says that, as organisations and consumers increasingly rely on online platforms to drive interactions with one another, the risk of malicious attacks remains ever-present.
The group has highlighted some of the issues that organisations and consumers should take note of:
1. Cyber conflict becomes the norm
In 2013 and beyond, conflicts between nations, organisations, and individuals will play a key role in the cyber world.
Brown says that espionage can be successful and also easily deniable when conducted online. Any nation state not understanding this has been given many examples in the last two years. Nations or organised groups of individuals will continue to use cyber tactics in an attempt to damage or destroy the secure information or funds of its targets.
“Additionally, we expect more attacks on individuals and non-government organisations, such as supporters of political issues and members of minority groups in conflict. This type of targeting is currently seen when hacktivist groups are aggravated by an individual or company,” he said.
2. Ransomware is the new scareware
As fake antivirus begins to fade as a criminal enterprise, a new and harsher model will continue to emerge.
“Ramsomware goes beyond attempting to fool its victims; it attempts to intimidate and bully them. While this business model has been tried before, it suffered from the same limitations of real life kidnapping – there was never a good way to collect the money.
“Cybercriminals have now discovered a solution to this problem using online payment methods. They can now use force instead of flimflam to steal from their targets. As it is no longer necessary to con people into handing over their money, we can expect the extortion methods to get harsher and more destructive,” said Brown.
According to Symantec, in 2013 attackers will use more professional ransom screens, up the emotional stakes to motivate their victims, and use methods that make it harder to recover once compromised.
3. Madware adds to the insanity
Symantec says that mobile adware, or “madware,” disrupts the user experience and can potentially expose location details, contact information, and device identifiers to cybercriminals.
Madware – which sneaks onto a user device when they download an app – often sends pop-up alerts to the notification bar adds icons, changes browser settings, and gathers personal information.
In just the past nine months, the number of apps including the most aggressive forms of madware has increased by 210%. Location and device information can be legitimately collected by advertising networks, as it helps them target users with appropriate advertising.
“We expect increased use in madware as more companies seek to drive revenue growth through mobile ads,” Brown said.
4. Monetisation of social networks introduces new dangers
Symantec says that consumers place a high level of trust in social media, from the sharing of personal details, to spending money on game credits, to gifting items to friends.
As these networks start to find new ways to monetise their platforms by allowing members to buy and send real gifts, the growing social spending trend also provides cybercriminals with new ways to lay the groundwork for attack.
The cyber security firm anticipates an increase in malware attacks that steal payment credentials in social networks or trick users into providing payment details, and other personal and potentially valuable information, to fake social networks.
This may include fake gift notifications and email messages requesting home addresses and other personal information.
5. Attackers join the shift to mobile and cloud
Cybercriminals will go where users go, and this continues to be to mobile devices and the cloud. It should come as no surprise that mobile platforms and cloud services will be likely targets for attacks and breaches in 2013, says Brown.
“Also, as unmanaged mobile devices continue to enter and exit corporate networks and pick up data that later tends to become stored in other clouds, there is increased risk of breaches and targeted attacks on mobile device data. As users add applications to their phones they will pick up malware,” the security practices expert said.
Some mobile malware duplicates old threats, like stealing information from devices. Mobile malware sends premium text messages to accounts that bad guys can profit from. Symantec forecasts that mobile devices will become more valuable as mobile carriers and retail stores transition to mobile payments and continue defining new product frontiers.
“We will see criminals use malware to hijack payment information from people in retail environments. Some payment systems are widely used by technical novices and may have vulnerabilities that allow information to be stolen.
“Cybercriminals are adapting to changing technology conditions faster than what organisations can keep up. To this end, organisations need to refocus on getting the security foundations and principles in place to protect their business, online reputation, and identities,” Brown said.