2012 Predictions: Mobile Menaces and More

Over the year, three trends dominated the cybersecurity threat landscape: targeted attacks, social media threats and mobile malware. Targeted attacks have escalated and entered into the public consciousness with successful, high-profile attacks on companies such as Sony, Lockheed Martin and RSA.

On the social media front, cybercriminals are focusing their efforts on highly-sophisticated, legitimate-looking scams on sites such as Facebook, Twitter and LinkedIn, stealing user data and spreading malware. Looking ahead into 2012, these are the 10 top Web and email trends and threats we anticipate over the next year.

Targeted Attacks Grow More Damaging and Complex

The past two years have marked a breakthrough in known incidents of targeted attacks -- we can now discern different levels of complexity. For instance, the attack on Sony merely involved the compromise of an unpatched Sony Web server, the Lockheed Martin attack was helped by the result of a successful blended email attack on RSA.

We expect to see more targeted attacks including Advanced Persistent Threats (APTs), a subset of targeted attacks with the sophisticated Stuxnet worm being one of the best examples, and more attacks launched against large high profile commercial and government organizations.

Illicit Social Media Scams Escalate

Social media services are magnets for cybercriminals, who use spam, scams and malicious campaigns on social media sites. A popular vehicle for Facebook campaigns has been “likejacking,” a form of clickjacking where users are tricked into liking a page. Most often these pages are billed as true, sensational stories, such as deaths of Osama Bin Laden or Amy Winehouse, but then lead to a malicious page or other dubious page. Campaigns also use URL shorteners that redirect users to malicious Web pages or get users to directly paste ”video” code into a browser address bar.

Mobile Malware Menaces Users and Organizations

Android has become the most-targeted mobile platform for malware, surpassing Symbian in the first half of 2011. Another area of mobile malware that has just started to emerge includes the use of mobile devices as bots in the bot networks that are already so widespread on desktop computers.  As more devices and computers become networked, attackers will attempt to compromise these resources for their own use.

All organizations should be concerned with the increasing number of employees who use their own devices at work and sync organizational data, such as email and files, to these unmanaged devices. This trend is also known as consumerization of IT or Bring-Your-Own-Device (BYOD). Organizations need to prepare for security and compliance issues posed by the introduction of devices provided by the company as well as BYOD.

Third-party Software Exploits Gain Traction

Some third-party browser software such as Java, Flash Player and Acrobat Reader have huge worldwide installed bases. Because numerous vulnerabilities in these products are found and often exploited, and because it is difficult for IT administrators to promptly update them throughout their organizations, these products have become an increasingly viable vector for attacks. Consumers face similar challenges. Sometimes the functionality that the browser software provides, or some parts of it, is unnecessary for many customers, and in those cases, disabling that functionality can effectively reduce the risk of exploits.

The variety that these technologies and file formats offer also allows use of such exploits both in widespread attacks, such as malvertisements and compromised websites, as well as in targeted attacks. Most of these files can’t be detected via URL blacklists or signature driven security protection but only through actual analysis of the embedded malicious files, which few security solutions currently perform.

Exploit Kits and Malware Reuse Proliferate

For the last few years, Zeus (a.k.a. Zbot) has functioned as one of the preferred types of malware used by cybercriminals. Until May 2011, Zeus source code was sold only to private groups, and older compiled versions of the tool were available to anyone, but then the source code of Zeus crimeware kit was leaked and is now publicly available on the Web.

Given the recent malware evolutions, we expect to see more variants of Zeus that will probably force anti-virus vendors to pay more attention to its mutations. Moreover, we expect to see additional sophisticated banking Trojans on mobile platforms that will try to bypass additional banking security checks.

Compromised Websites Serving Malicious Content Accelerates

As anti-spam and anti-malware technologies have improved, spammers have increasingly turned to legitimate compromised websites and redirection as a way around the URL reputation engines. Compromised sites are being used for spam and phishing campaigns or by botnet operators as redirectors to their malware. One of the key elements of most spam campaigns is a URL, which a user must click on to be presented with a payload.

Botnets Disruption Attempts Short-lived

In the past 12 months, we have seen a few widely-publicized botnet “takedowns”.  Although these efforts are welcome, ultimately their impact on cybercrime will be short-lived.  There are thousands of botnets out there that are in a constant state of flux and renewal, and, unless the operators are actually apprehended, botnet takedowns are only temporary. The Cutwail and Lethic botnets are classic examples of botnets that have been ”disabled” multiple times, but are still spamming today.

Spam Rebounds to Distribute Damaging Malware

Much to the benefit of email administrators everywhere, spam volumes plummeted by over 50% in the last 18 months. But the top five botnets alone – Cutwail, Grum, Maazben, Festi and Lethic -- are responsible for 80% of spam, and are still used for distribution of a lot of malware.

By mid-2011 there were days where the percentage of malicious spam, which includes both attachments and malicious links, reached 25% of total spam. Most of the malware was Trojan downloaders, like Chepvil, whose purpose is to fetch and install other malware such as Fake AV, data stealers like Spyeye, or spambots like Cutwail or Asprox.

Major Sporting Events Draw Major Cyber Attacks

The FIFA World Cup attracted much attention in 2010, with many victims falling for various scams, including counterfeit ticketing, fake merchandise and rogue travel agents.  We hope organizers of 2012’s biggest event, the London Olympic Games, will take proactive steps in the lead-up to the event including online communications. This can be accomplished by publishing a section on their website that details the expected and possible scams and attacks that fans may face, and to promote this section extensively.  Another suggestion is implementation of a fraud-watch line, where fans could submit suspicious offers for validation they are legitimate. Of course, this will only apply to the organizations working directly with the games’ organizers.

Consumers must be vigilant at all times when purchasing products and services through the Internet, including tickets or products for major sporting events. Attackers tend to stick with what works, therefore it would be prudent to understand the types of scams levied during the build-up to the FIFA World Cup.  Many of these include spam offering fake tickets, spam that pushes other products but is littered with football references in the subject line and email body, fake travel and accommodation offers, and competitions for tickets and travel packages.

Attacks on Cloud Services Inevitable

Despite excellent security practices employed by many cloud providers, the fact remains that these services are likely to be prime targets for cybercriminals because cloud service providers have high profiles. The data is concentrated, and the systems are standardized; a successful breach can yield a lot of valuable data across multiple companies for a cybercriminal.

About the author: Bradley Anstis is responsible for Technical Strategy at M86 Security.

The Tech Herald welcomes 2012 related threat predictions from vendors, as long as they do not reference the end of the world and remain product neutral. All submissions are subject to editing and are due by December 20, 2011. Submissions can be delivered to [email protected] with the email subject of 2012 Predictions.

Like this article? Please share on Facebook and give The Tech Herald a Like too!

From our Other Sites

Man Makes Tiny Edible Pancakes with Tiny Kitchen Tools (Video)

This Japanese guy cooks up some pancakes…nothing special there right? Well he uses tiny implements to do it and makes perfect little pancakes. Kinda cool and they look tasty!

What Color is this Dress?

White and Gold or Blue and Black?
Well this one has been trending all over the web, just what color is this dress? It all started in Scotland when the mother of a bride-to-be sent a picture to her daughter asking what she thought of the dress. The bride and groom each saw the image differently, this then got posted online and picked up by some viral sites. The lighting in photo is probably  causing different people to see it as either white and gold or blue and black. Prof Stephen Westland, chair of color science and technology at a University in the UK told the BBC that it was impossible to see what other people see but that it was most […]

McLaren 675LT Pictures

Some great shots of the forthcoming McLaren 675LT. This coupe will get you to 60mph in less than 2.9 second and go all the way to 205mph.

McLaren 675LT Details

McLaren’s 675LT will debut at this year’s Geneva show and promises some eye-popping performance. The coupe only 675LT has a 3.8 liter V8 that will get you from 0-60mph in less than 2.9 seconds and to 124mph in less than 7.9 secondsMore than a third of the parts have been changed compared with its stable mate […]

McLaren 675LT Wallpaper

Some cool McLaren 675LT Wallpaper. The McLaren 675LT is the latest coupe to come from the supercar maker and has a top speed of 205mph.Click on an image to open a page with multiple sizes that you can download to use as wallpaper for your mobile or desktop.More McLaren Wallpaper.

Octopus hunts on land, grabs crab (Video)

This crab is minding its own business searching the rock pools for food when suddenly an octopus leaps out of the water and grabs it. The amazing thing is that the octopus does not just jump on the crab it actually pulls it all the way back to the rock pool it came from. If you check the second video you will see it is not unknown for octopus to come out of the water and the one in the second video has a crab with it, though is not hunting one! Octopus Walks on Land at Fitzgerald Marine Reserve The video was taken by Porsche Indrisie in Yallingup, Western […]

Stunning Mars Rover Selfie

This image by the Curiosity Mars rover is not exactly your typical selfie. It is made up of a bunch of images taken by the rover during January 2015 by the Mars Hand Lens Imager. This (MAHLI) camera is at the end of the robot’s arm. For a sense of scale the rover’s wheels are about 20 inches diameter and 16 inches wide. Check the annotated image below for more information on the surroundings. Also if you really want to see some detail click this very large image, 36mb, at NASA.  

How the Sahara Helps Feed the Amazon (Video)

Sahara to Amazon
This cool video from NASA shows how dust is transferred across the Atlantic to the Amazon rainforest and helps nourish the plants growing there. For the first time scientists have measured the amount of dust and the amount of phosphorus in the dust. The later acts like a fertiliser and helps replenish the phosphorus the rainforest loses each year, around 22,000 tons. Amazing how something we perceive as being desolate like a desert actually has an important role in sustaining somewhere we see as teeming with life. Image and video from NASA’s Goddard Space Flight Center.

Bouncing Laser Guided Bomb (Video)

This amazing video shows a laser guided bomb bouncing back up after hitting its target. We actually think this is a non-explosive bomb designed to test guidance systems but it is still pretty remarkable and somewhat scary.

South Koreans Swallowed by Sinkhole (Video)

Thankfully the couple survived their adventure.
This amazing footage taken from the CCTV on a passing bus shows the moment two pedestrians in South Korea fall down a sinkhole in the street! Rescue workers managed to save the pair, who were treated in a nearby hospital for minor injuries. According to reports the city authorities and the Korean Geotechnical Society are looking into the cause.