(WEB HOST INDUSTRY REVIEW) — Security research firm McAfee predicts that cyberattacks involving political motivation or notoriety will become major threats in 2012, according to a report released Wednesday.
McAfee’s 2012 Threat Predictions report finds that mobile banking, “legal” spam and virtual currency will make headlines in the new year.
“Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011,” Vincent Weafer, senior vice president of McAfee Labs said in a statement. “Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime, we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012.”
The report says that cybercriminals will target utilities systems (like the Stuxnet computer worm in 2010 that targeted industrial systems), and focus on mobile attacks as more users leverage mobile devices for banking. McAfee says more attackers will bypass PCs and go straight after mobile banking apps because of its heavy use.
While global spam volumes have dropped over the past two years, legitimate advertisers are using the same spamming techniques including buying customer databases from companies going out of business. According to McAfee, the technique is known as “snowshoe spamming.”
McAfee says that hacker group Anonymous will reinvent itself or die out in 2012, and the “digital disruptions” will collaborate with physical demonstrators and target public figures more than ever before. For example, the Occupy movement, while mostly a physical instance of activism, will integrate digitally.
While compromised digital certificates have been somewhat of a theme in 2011, McAfee says this trend of rogue certificates will continue in 2012. McAfee says the wide-scale targeting of certificate authorities and the broader use of fradulent digtal certificates will affect infrastructure, secure browsing and transactions.
Although hacktivism is not new, with the WikiLeaks saga on the front pages in 2010 hacktivism gained wider publicity, acceptance, and usage than ever before. Overall, 2011 was a muddled year for online activists, with conflicting players frequently at odds with each other and no clearly stated goals. It was often difficult to sort things out between politically motivated campaigns and simple scriptkiddies entertainment, but one thing became clear: When hacktivists picked a target, that target was compromised either through a data breach or denial of service. They are a credible force. Agree with their goals or not, Anonymous and other hacktivist groups have shown themselves to be dedicated, resourceful, and even agile in choosing some of their targets and operations. The coming year will be decisive for hacktivism. And the Anonymous stories represent only one aspect of this issue.
The “true” Anonymous (that is, its historical wing) will reinvent themselves and their scene or die out. If the Anonymous circles of influence are unable to become organized—with clear calls for action and responsibility claims—all those labeling themselves Anonymous will eventually run the risk of becoming marginalized. Either way, we will see a large increase in such attacks. Distributed denial of service (DDoS) and personal data disclosures justified by a political conscience will continue to grow.
The people leading digital disruptions will become better engaged with the people leading physical demonstrations. We will see more mating of social media-based hacktivism with social mediacoordinated hacktivism. We expect many future operations to include both physical and digital components. Joint and coordinated actions, in the field and online, will be simultaneously planned. It is not hard to predict the evolution of the Occupy and other outraged groups to include more direct digital actions. As we posited in other predictions, the possibility of mating hacktivist goals with industrial controller or SCADA system availability is a very real possibility. We expect hard-line hacktivists supporting the worldwide Occupy movements will drop the Anonymous label and soon
operate as “Cyberoccupiers.”
For political and ideological ends, the private lives of public figures—politicians, industry leaders, judges, and law-enforcement and security officers—will be disclosed this year more than in the past. Protesters will stop at nothing to obtain data from social networks or web servers to support their various operations.
2012 Threats Predictions 5
Some hacktivists will operate along the same lines as the various “cyberarmies” that primarily flourish in nondemocratic or nonsecular states (Iranian Cyber Army, Pakistan Cyber Army, ChinaHonker group, etc.). Mostly used for defacement in the past two years, the armies will move to more disruptive actions in the new year. Some of these groups will clash themselves, possibly causing unpredictable collateral damages (Palestinian versus Israeli, Indian versus Pakistani, North versus South Korean, etc.). In 2011, cyberarmies were rumored to be manipulated or supported by their governments. Totalitarian
states will go further next year, even acknowledging the actions of local cyberarmies.
To download a PDF of the full report, go here.
- You can follow any responses to this entry through the RSS 2.0 feed.
- Both comments and pings are currently closed.