At the end of the year experts at G Data SecurityLabs are taking a moment to look both back and forward at IT security, attacks and cyber crime. In 2012, online criminals were opting for particularly intelligent malware and delivering more on quality rather than quantity.
Cyber war has been mentioned again and again in connection with Stuxnet, Flame or Gaus. However, the G Data expert believes that talk of a cyber war is misplaced. “Anyone speaking of a cyber war is misguided. This is a matter of specific espionage activities, not a war. Talking of cyber warfare is an exaggeration,” says Ralf Benzm??ller. “It is more accurate to say that, in a military dispute, appropriate Special Forces are set up in every army, to protect their own IT infrastructure and fend off potential attackers.”
Targeted attacks on companies and institutions will increase next year. However, the perpetrators are not only targeting large companies. There will also be an increase in attacks on small companies in the coming year, as these are also good targets for the attackers.
With the growing use of private mobile devices in company networks for the purposes of “bring your own device”, smartphones, tablets, notebooks and netbooks are becoming ideal attack vectors for criminals. They can use such devices to get hold of confidential company data and gain access to the company network.
Mac malware out of the test phase
G Data expects a higher occurrence of malware for Apple operating systems next year, specifically intended for stealing money and spying on personal data. “The time for testing is over for Mac malware. Cyber criminals are ready for action,” explains Ralf Benzm??ller. The expert sees the limited awareness of malware among Mac users as a benefit for the attackers.
Smart TVs: attack on the living room
Web-enabled televisions continue to be on the rise. In G Data’s opinion, cyber criminals will exploit this development and smart televisions will find themselves to be targets for online and malware attacks next year. This might involve victims being spied on via the integrated webcam and the microphone. Another possibility for the security experts is the infiltration of popular malware via supposed firmware updates, as a cover for malicious code.
Mobile malware on the rise
Next year, the amount of malware developed specifically for tablets and smartphones with an Android operating system will continue to increase. G Data expects that vulnerabilities in the browser platforms will be found and exploited for attacks, and that users may thus be attacked while surfing. Furthermore, the attackers will continue to focus on social engineering to infiltrate mobile devices with malicious apps.
Security holes as a gateway
The number of exploits will continue to grow next year. In this regard, G Data is registering more and more exploits, which just need to be deployed by the perpetrators, offered for sale on the black market. Exploit kits also enable less experienced cyber criminals to manipulate websites and deliver any malware to visitors to the site. The criminals rely on out-of-date Java versions and software vulnerabilities to do so. Also, newly discovered security holes in software programs are quickly adopted in the exploit kits.