As cybercriminals improve their toolkits and malware, they’re moving away from hacking personal computers to mobile devices, as well as plotting other more sophisticated attacks, according to a report on the top cyber threats for 2012.
“Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011,” Vincent Weafer, senior vice president of McAfee Labs, a technology company and subsidiary of Intel Corp., said in a release
The five top cyber threats as seen by McAfee are:
- Attacking mobile devices: Techniques used in the past for online banking, such as stealing from victims while they are still logged on, will now target mobile banking users.
- Embedded hardware: Embedded systems, which are designed for a specific control function within a larger system, are commonly used in vehicles, GPS systems, medical devices, routers, digital cameras and printers. Hackers with access to malware that attacks the hardware layer of such systems will gain control and long-term access to the system and its data.
- Industrial attacks: Many of the environments where SCADA (supervisory control and data acquisition) systems are deployed — such as water, electricity, oil and gas utilities — don’t have sufficiently stringent security practices, leaving them vulnerable to blackmail or extortion.
- “Legalized” spam: While global spam volumes have dropped in recent years, legitimate advertisers are now using the same techniques, such as purchasing email lists of users who have consented to receive advertising, or purchasing consumer databases from companies going out of business. “Legal” spam is expected to grow at a faster rate than illegal phishing and confidence scams on the internet.
- Online/frontline hacktivisim: McAffee predicts the true Anonymous group will reinvent itself or die out, and those leading digital disruptions will join forces with physical protesters to target public figures such as politicians and business leaders.
The year ahead will feature new and increasingly sophisticated means to capture and exploit user data, as well as escalating battles over the control of online
In the past year, we have witnessed cyber attacks of unprecedented sophistication and reach. These attacks demonstrate that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises and ordinary citizens. If we are going to prevent motivated adversaries from attacking our systems, stealing our data and harming our critical infrastructure, the broader community of security researchers — including academia, the private sector and government — must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.
This slideshow features Georgia Tech’s Cyber Threats Forecast for 2012 and the emerging cyber threats for 2012, identified by the Georgia Tech Information Security Center and the Georgia Tech Research Institute source @ slides at ITBusinessEdge.com