Malicious mobile apps, government-sponsored attacks and sandbox avoidance are among seven major cybersecurity threats predicted by Websense Security Labs for 2013. The company recently released its 2013 threat landscape and noted that cybercriminals gained confidence and momentum in 2012.
According to Websense Security Labs vice president, Charles Renert, the past year illustrated how quickly the threat landscape continues to evolve with attacks and exploits redefining the concept of crime, business espionage and warfare. He noted that the risk to organizations continues to be amplified by the human curiosity; however, cyber threats are now expanding across diverse mobile platforms, involving content management systems and an ever-increasing population of online users.
As a warning, Renert said that in 2013 traditional security measures might no longer be effective in thwarting advanced cyber attacks. “Organizations and security providers need to evolve toward more proactive real-time defenses that stop advanced threats and data theft,” he said.
Last month, while visiting Brazil, John McCormack, global president of Websense, said in a video interview with RCR Wireless News that the prevalence of “iDevices;” the bring-your-own-device (BYOD) trend; and the shift from Blackberry to Apple and Google devices are among the major challenges to mobile security today. “BYOD has changed security fundamentally,” he said.
Check out Websense’s seven cybersecurity predictions:
1. Mobile devices will be the new target for cross-platform threats.
The top three mobile platforms cyber criminals will target are Windows 8, Android and iOS. Web-based, cross platform exploits will make it easier. In 2013, threats to Microsoft mobile devices will see the highest rate of growth. Cybercriminals are similar to legitimate application developers in that they focus on the most profitable platforms. As development barriers are removed, mobile threats will be able to leverage a huge library of shared code. Attacks will also continue to increasingly use social engineering lures to capture user credentials on mobile devices.
2. Cybercriminals will use bypass methods to avoid traditional sandbox detection.
More organizations are utilizing virtual machine defenses to test for malware and threats. As a result, attackers are taking new steps to avoid detection by recognizing virtual machine environments. Some potential methods will attempt to identify a security sandbox, just as past attacks targeted specific AV engines and turned them off. These advanced attacks will remain hidden until they are sure they aren’t in a virtual security environment.
3. Legitimate mobile app stores will host more malware in 2013.
Malicious apps will increasingly slip through validation processes. They will continue to pose risks to organizations that enable BYOD. In addition, jail-broken/rooted devices and non-sanctioned app stores will pose a significant risk to enterprises as more allow BYOD.
4. Government-sponsored attacks will increase as new players enter.
Expect more governments to enter the cyber-warfare arena. In the wake of several publicized cyber-warfare events, there are a number of contributing factors that will drive more countries toward these strategies and tactics. While the effort to become another nuclear superpower may be insurmountable, almost any country can draft the talent and resources to craft cyber-weapons. Countries and individual cybercriminals all have access to the blueprints for previous state-sponsored attacks like Stuxnet, Flame and Shamoon.
5. Expect hacktivists to move to the next level as simplistic opportunities dwindle.
Driven by highly publicized hacktivist events in recent years, organizations have deployed increasingly better detection and prevention policies, solutions and strategies. Hacktivists will move to the next level by increasing their sophistication.
6. Malicious emails are making a comeback.
Timed and targeted spear-phishing email attacks, along with an increase in malicious email attachments, are providing new opportunities for cybercrime. Malicious email will make a comeback. Domain generation algorithms will also bypass current security to increase the effectiveness of targeted attacks.
7. Cybercriminals will follow the crowds to legitimate content management systems and Web platforms.
Vulnerabilities in WordPress have frequently been exploited with mass compromises. As other content management systems (CMS) and service platforms increase in popularity, the bad guys will routinely test the integrity of these systems. Attacks will continue to exploit legitimate Web platforms, requiring CMS administrators to pay greater attention to updates, patches and other security measures. Cybercriminals compromise these platforms to host their malware, infect users and invade organizations to steal data.
