2012 Predictions: Websense Security Labs

Today’s predictions, continuing the 2012 prediction series, come from Websense Security Labs. This year, they predict a mix of threats, including turning smartphones into ATMs, and a boom in BlackHat SEO attacks, thanks to several upcoming events.

“2011 proved that in the world of enterprise security, anything and everything goes. This year, as broader adoption of mobile, social and cloud technologies explodes, we will see the bad guys move rapidly to take advantage of this shift,” commented Dan Hubbard, Websense’s CTO.

“Almost all of the major attacks of 2011 employed a web component, whether as a vector, command-and-control center, or the pipeline for stolen data and critical IP. Web attacks are going beyond the browser and as the number of API web requests gains momentum we will see attackers using the APIs for their own malicious exploitation.

“The most advanced criminals are going to ride the waves of personal devices, personal social media use, and personal web activities of employees to create more advanced, social engineering attacks to get in. Many of the business and government attacks in the coming year won't necessarily be about how complex the code is, but how well they can convincingly lure unsuspecting victims to click.”

- Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social media credentials in online forums.

Spammers have been buying parcels of email credentials for a couple years now. We’ve seen carder sites where criminals can buy and sell your credit card information for pennies on the dollar. Want a South African issued card with a $25,000 limit with the user’s PIN? How about one from the U.S. issued by a bank in the Northeast along with the user’s social security number? Old news.

Today, your social identity may have greater value to the bad guys. Facebook has more than 800 million active users; over half of them log on daily, and they have an average of 130 friends. Trust is the basis of social networking, so if a bad guy compromises your social media log-ins, there is a good chance they can manipulate your friends.

- The primary blended attack method used in the most advanced attacks will be to go through your social media 'friends,' mobile devices and through the cloud.

Blended attacks used to be predominately about the use of email and web together. Many of the recent so-called advanced persistent threats (APTs) were simply email phishing scams. In 2012, advanced attacks are going to increasingly use at least two, and sometimes all, of the following emerging technologies: social media, cloud platforms, and mobile.

We’ve already seen one APT attack that used the chat functionality of a compromised social network account to get to the right user. Expect this to be the primary vector in the most persistent and advanced attacks of 2012.

- 1,000+ different mobile device attacks coming to a smartphone or tablet near you.

People have been predicting this for years, but in 2011 it actually started to happen. Expect more increases in exposed vulnerabilities from black hats and white hats in the coming year for mobile devices. In 2012, we estimate that you’ll see more than 1,000 different variants of exploits, malicious applications, and botnets infecting that device glued to your hand and plugged into your head. We’ll at least see a new variant every day.

Indeed, if application creators don’t protectively sandbox their apps, we’re also likely to see versions of malware that access your banking and social credentials as well as other sensitive data on your phone. This includes your work documents and any cloud applications you may have on that handy device.

We’ll also start seeing significantly more social engineering designed to specifically lure mobile users to infected apps and websites. And watch out: the number of people who fall victim to believable social engineering scams will go through the roof if the bad guys find a way to use mobile location-based services to design hyper-specific geolocation social engineering attempts.

- SSL/TLS will put net traffic into a corporate IT blind spot.

Two items are increasing traffic over SSL/TLS secure tunnels for privacy and protection. First, the disruptive growth of mobile and tablet devices is moving packaged software to the cloud and distributing data to new locations. Second, many of the largest, most commonly used websites, like Google search, Facebook, and Twitter have switched their sites to default to https sessions. You’d think this would just be a positive, since it encrypts the communications between the computer and destination.

But as more traffic moves through encrypted tunnels, many traditional enterprise security defenses (like firewalls, IDS/IDP, network AV, and passive monitoring) are going to be left looking for a threat needle in a haystack, since they cannot inspect the encoded traffic. These blind spots provide a big doorway for cybercriminals to walk through.

- Containment is the new prevention.

For years, security defenses have focused on keeping cybercrime and malware out. There’s been much less attention on watching outbound traffic for data theft and evasive command and control communications. But multiple studies show that the majority of data theft is related to hacking and malware.

Websense Security Labs research estimates that more than 50 percent of data loss incidents happen over the web. DLP deployments have been delayed because of traditional long-winded, overwrought, and extensive data discovery projects. In 2012, organizations will look to stop data theft at corporate gateways that detect custom encryption, geolocations for web destinations, and command and control communications.

Organizations on the leading edge will implement outbound inspection and will focus on adapting prevention technologies to be more about containment, severing communications, and data loss mitigation after an initial infection.

- The London Olympics, U.S. presidential elections, Mayan calendar, and apocalyptic predictions will lead to broad attacks by criminals.

SEO poisoning has become an everyday occurrence. You name the trend—it’s going to be poisoned. Websense Security Labs still sees highly popular search terms deliver a quarter of the first page of results as poisoned. As the bigger search engines have become more savvy on removing poisoned results, criminals in 2012 will use the same techniques ported to new platforms.

They will continue to take advantage of today’s 24-hour, up-to-the-minute news cycle, only now they will infect users where they are less suspicious: Twitter feeds, Facebook posts/emails, LinkedIn updates, YouTube video comments, and forum conversations. We recommend extreme caution with searches, wall posts, forum discussions, and tweets dealing with the topics listed above, as well as any celebrity death or other surprising news from the U.S. presidential campaign.

- Social engineering and rogue anti-virus will continue to reign.

Scareware tactics and the use of rogue anti-virus, which decreased a bit in 2011, will stage a comeback. When you combine how easy it is to acquire a malicious tool kit with the prevalence of the tools, which are designed to cause massive exploitation and compromise of websites, the result is a resurgence in this type of crimeware.

Except, instead of seeing “You have been infected” pages, we anticipate three areas will emerge as growing scareware subcategories in 2012: a growth in fake registry clean-up, fake speed improvement software, and fake back-up software mimicking popular personal cloud backup systems. Also expect that the use of polymorphic code and IP lookup will continue to be built into each of these tactics to bypass blacklisting and hashing detection by security vendors.
