Kaspersky Lab’s Top 13 Security Predictions for 2013

0

Media Release

The biggest threats for Australian businesses and consumers

 MELBOURNE, Australia – 10 December, 2012 – The year 2012 was a big year for security. The Flame and Gauss viruses demonstrated the potentially devastating, threat of cyber warfare, Anonymous showed the world just how powerful hacktivists can be, and the first ever virus found in the iTunes app store made us realise that not even Apple is safe from cyber-attack.

The most recent James Bond film, Skyfall, which has made $24.8m in Australian box offices alone, showcases the scary possibilities of cyber espionage and warfare. But these aren’t just farfetched concepts from a Bond movie – cyber security is a very real threat. As we move into 2013, Kaspersky Lab reminds both consumers and businesses not to be complacent about online security, with the top 13 issues to look out for.

  1. Critical infrastructure – In 2012, Kaspersky Lab discovered three new major malicious programs that were used in cyber warfare operations: FlameGauss and miniFlame. In 2013, Kaspersky Lab’s experts expect more countries to develop their own cyber programs for the purposes of cyber-espionage and cyber-sabotage. These attacks will affect government institutions, businesses and critical infrastructure facilities. Kaspersky Lab also predicts that governments will create more monitoring tools to enhance the surveillance of individuals, which will enable secret access to targeted mobile devices
  2. Exploit kits – Exploit kits will continue to be one of the most popular weapons in the cybercriminals’ arsenal for 2013. To increase the risk of infection, malware writers create and sell exploit kits – packages of malicious programs that simultaneously target several vulnerable points in the system. Cybercriminals use kits to access a large number of computers, with the aim of spreading malware and accessing information, targeting the most vulnerable application platforms like Java or Adobe flash. The kits sell on the black market for anything for several thousands of dollars
  3.  Targeted attacks – The opposite to exploit kits, which cast a wide net in search of multiple victims, targeted attacks focus in on one person, such as an important CEO. Hackers may get access to this person’s Facebook page, for example, or create a false one, with the aim of making contact with other people within that organisation. By ‘friending’ the CEO’s co-workers, the hacker can gain access to personal information, which can be used for various purposes, including cracking passwords. A recent survey by Kaspersky Lab showed that almost a third of us (29%) are using personal details, such a child or partner’s name, as a password. The same details that 27% of us admit to having visible on Facebook.[1]
  4. DNSChanger – Cyber criminals are taking over the internet in more sophisticated ways each year. With the increase in online shopping, we predict to see more DNSChanger attacks – this is malicious software that changes domain name settings and tricks consumers into thinking they’re on a legitimate website, when in fact they’ve been redirected to a fake website. The fake sites look exactly the same – they even have the same URL in the address bar – and allow hackers to steal personal information and credit card details. A good anti-virus software that’s kept up to date should be able to detect whether a website is real or fake
  5. Botnets – In 2013 we’re likely to see smaller botnets than in previous years. While botnets have traditionally infected computers to create large zombie networks to launch DDoS attacks, we’re expecting botnet sizes will drop in 2013 because smaller networks are harder for governments to detect. The smaller botnets will be focused on data mining and corporate espionage, rather than sending bulk spam and DDoS attacks
  6. Modularisation – Modularisation, where hackers add their own plug-ins to web browsers, is on the rise and will continue into next year. When accessing an infected website, you can inadvertently download malicious software which allows hackers to take over your computer. This form of attack is especially targeting computers that are left on overnight. Hackers can use your unattended computer to search important files, send spam, or do anything they like. Do you turn your computer off when you leave the office every night?
  7. Mobile attacks – With the continuous rise of Android devices, and its easy-to-hack open source operating system, Android based malware is still going to be the biggest mobile threat facing consumers in 2013. Zitmo and Spitmo remain the most popular phone malware used for mobile attacks. However, with 390 different types of mobile malware discovered in 2012, we should expect the number of mobile malware to rise for 2013
  8. Rogue certificates – In addition to mobile malware, malicious apps continue to be an issue for smartphone and tablet users. Hackers are creating rogue certificates that allow them to bypass even Apple’s very strict guidelines. Notably, the first infected Apple app, ‘Find and Call’, was discovered in 2012 and we predict there will be more infected apps in 2013 thanks to more sophisticated rogue certificates
  9. NFC malware – As mobile phone companies and banks make the push to enable NFC payment systems via smartphones, the hackers will surely follow. With consumers linking their credit card details directly to their phones, hackers will be more tempted than ever to infect phones with malware so they can steal them. For anyone planning to purchase smartphones with NFC payment capabilities, installing mobile security on your smartphone is going to be crucial
  10. Share baiting – Social networks are as popular as ever, and one of the biggest growing scams on social networking sites is share baiting. This often comes in the form of a friend ‘recommending’ a video, which opens up a web page where you need to fill in your details and answer questions. The cyber scammers pushing these video links make money for every survey that gets filled out – which is why they make the videos as enticing as possible
  11. Online privacy – Development of social networks, and, unfortunately, new threats that affect both consumers and businesses have drastically changed the perception of online privacy and trust. As consumers understand that a significant portion of their personal data is handed over to online services, the question is whether or not they trust them. Such confidence has already been shaken following the wake of major password leaks from some of the most popular web services such as Dropbox and LinkedIn. The value of personal data – for both cybercriminals and legitimate businesses – is destined to grow significantly in 2013
  12. HTML5 – Despite the benefits of HTMLs most recent version, the fact that all programs can now be integrated with the one browser makes creating a breach a cake walk for hackers. With vulnerable systems like Adobe now being integrated directly into a browser, it makes it easier for hackers to access everything else within the same page. As Web threats evolve, it is more important than ever to ensure you’re never even browsing the Internet without adequate protection
  13. Unregistered markets – Hosting service providers in Australia are regulated, but there are unregistered markets outside of Australia that don’t play by the same rules. Many illegal P2P torrent downloading sites are hosted in unregistered markets – the same places where many spoof and phishing websites originate from. Given the ease of setting up these sites and the amount of money that can be made, we expect hosted services from unregistered markets to grow in 2013, with copyright taking the biggest hit

Wayne Kirby, Product Specialist, Kaspersky Lab ANZ says, “Every day new viruses, worms, Trojans and other malicious attacks and scams are being developed, so it’s more important than ever to update your internet protection regularly, as hackers will always find vulnerabilities.

“Remember not to be complacent about your own security. Change your passwords regularly, and don’t use easy to obtain information, such as a pet or family member’s name.

“Finally, if you’re a Mac user and think you’re safe – think again. In 2013 we expect to see more Mac viruses than ever before.”

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held anti-malware company. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. Over 400 million people worldwide are protected by Kaspersky Lab products and technologies. Kaspersky Lab’s corporate client-base exceeds 200,000 companies located around the globe, ranging from small and medium-sized businesses, all the way up to large governmental and commercial organisations. With over 2,000 highly qualified specialists Kaspersky Lab has offices in almost every country across the globe. The Kaspersky Lab Australian and New Zealand headquarters is located in the Docklands, Melbourne. Kaspersky Lab Australia and New Zealand has extensive consumer and corporate channels and locally based technical support technicians. Learn more about Kaspersky at: www.kaspersky.com.au and for the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit: www.securelist.com.

 To stay updated with Kaspersky Lab news and products, check out the Kaspersky Lab Australia Facebook page https://www.facebook.com/KasperskyLabAustralia.

[1] Kaspersky Lab Online Shopping Survey, Australia, September 2012

Share.

Comments are closed.