Security threats that will dominate 2012


Last week we took a look at a few IT predictions for the year ahead, and this week we're focusing specifically on threat forecasts from security vendors. They all agree that we should expect threats to grow in number, sophistication and damage potential. (Then again, would it make any sense for them to tell us, "Fear not, things are going to be just fine next year"?)

An eruption of mobile malware is widely expected in 2012, as cyber crooks become savvier about hiding malware in social media platforms. Professional criminal groups will find ever more insidious ways to take advantage of human nature online, and companies harboring vast amounts of concentrated data (cloud service providers, social networks, large enterprises) will be irresistible targets. Here is a quick overview of some of the specific predictions:

FortiGuard Labs: The research unit at Fortinet offers up eight network security trends for the year ahead, beginning with the first instances of ransomware on mobile devices. Mobile malware combined with social engineering tactics may prove irresistible to hackers, who can gain root access to infected devices and use it to hold the devices hostage. (I predict they will publicly release their predictions Dec. 13.)

Also in the mobile threat realm, FortiGuard Labs expects to see worms squirm their way into Android devices via SMS messages or social network posts with malicious links. Meanwhile, Android-based malware will become more complex and diverse, and next year will see the introduction of polymorphism, in which the malware mutates automatically, making it harder to detect and eliminate.

Cyber crime syndicates increasingly will be put to work on strategic attacks against targeted companies and individuals. It won't just be the underworld hiring these criminals to do their dirty work, but states and corporations will put them to work as well. Meanwhile, more hacktivist organizations will emerge, but much of their work will be for good, not evil. Just as Anonymous this year has directed some of its power against Mexican drug cartels and child pornographers, others are likely to work on the side of justice.

Imperva: Forecasters at Imperva came up with nine cyber security predictions (see the complete list here), including a mass of attacks against SSL protocol infrastructure. Meanwhile, distributed denial of service (DDoS) attacks will move from the network level to the application and business logic levels. The beginning of this migration was already seen in attacks exploiting SQL injection vulnerabilities this year.

Imperva's researchers also see social media platforms continuing to attract hackers, and those companies wading into social media will feel the effect on the confidentiality of their data. Big data will also present a problem because massive warehouses of information are not adequately fortified with security mechanisms, hampering efforts to integrate them.

Going out on an optimistic limb, Imperva predicts that in 2012 security decisions will be driven by security awareness, not compliance requirements. As the cost of data breaches rises and more companies are targeted by industrialized hacking, there will be a growing trend toward investing in security for security's sake.

M86 Security Labs: Like their counterparts around the industry, researchers at M86 Security Labs predict more complex and damaging targeted attacks in the year ahead. (See predictions here.) Attacks taking advantage of social media--"an attacker's utopia"--will rise, and malware sent over mobile devices will speed up the pace of infection. Malicious programs will seek out not just user data on mobile devices but geographical location data as well. 

There will be more variants of Zeus, more websites hacked to serve up malicious content, and it will become even harder to disable botnets. A resurgence of malware distributed via spam will plague users, and cloud service providers will be victims of high-profile attacks. There will also be more attacks via third-party browser software, such as Java, Flash Player and Acrobat Reader, warns M86. Like other attack strategies, this one will become increasingly complicated and difficult to identify. Attackers will make more use of combined technologies, such as embedding malicious files inside other files.

Sounds like there will be more to keep information security professionals awake at night than ever before. Do you think the predictions are on target or overblown? Let me know. - Caron