The cat-and-mouse game between hackers and security professionals continues.
As security technologies evolve over the next year, we can expect cybercriminals to step up their game in several key ways, says Chris Astacio, manager of security research at Websense Labs.
They’ll build on and refine the techniques that proved successful in 2012, he says, and will also develop new attack vectors to get around some of the barriers the good guys have been putting up.
WebSense has identified seven key areas to watch next year. Here they are:
1. More cross-platform threats
Astacio says these sorts of attacks are already occurring, but there will be more of them, especially aimed at mobile devices. “We’re expecting to see much more phishing spam—things of that sort—to try to gain credentials over the mobile platform,” he says.
“But the really interesting and sort of juicy part of all of this is the whole idea of exploit kits being used for mobile devices.”
Exploit kits now want to profile both the users who access malicious sites and the operating systems they use, he explains. For example, an unfortunate iPad user heading to Blackhole exploit kit URL could be identified as such and get infected by a specific file designed for the iOS platform.
When hackers try to root the devices, he adds. “It could be anything from a banker, to a sniffer, to getting Facebook credentials or even something as simple as possibly spamming,” says Astacio.
2. Mobile app delinquency rises
He also expects to see more legitimate app stores hosting malware next year. There’s been a constant rise in this over 2012 and he expects it to continue. Meanwhile, there will be more mobile applications “behaving badly.”
Some applications are demanding too much information from users via permissions, Astacio says, information that could be used in an attack later on. “Why would an application necessarily need to take a look at data that’s stored locally on the system if it’s just used for photos, for example?”
3. Smaller countries gear up for cyber-war
It’s widely assumed that the big powers like the U.S. and China are involved in shadowy online campaigns, but the little guys will get into the fray as well, he says. Part of the reason is that it doesn’t cost as much to buy weapons for a cyber-war anymore.
Running a large deficit? No problem. Smaller governments could use “off the market kits or even freeware to attack other governments,” he says.
4. Hackers become more “virtually aware”
The practice of sandboxing files is gaining in popularity, and this hasn’t escaped the notice of hackers, says Astacio. They’re looking for ways to prevent their binaries from being automatically sandboxed, and they’ll start programming them into their malicious files.
Most sandboxing systems run for 60 seconds, so a hacker could design them to wait for several minutes after they’re loaded into a virtual environment, he says.
5. Spam goes postal
Malicious spam is back in a big way, and we can expect our inboxes to get even more clogged next year, says Astacio, “whether it’s your mass attack with a malicious URL, which leads to your Blackhole exploit kit, or any other exploit kit, to your targeted phishing type of attacks.”
The latter, he says, could take the form of a PDF that exploits a zero-day vulnerability to load another binary. Meanwhile, spear-phishing attacks, targeting specific people are companies, will remain especially popular, he says.
6. Content management misfortunes
WordPress has always been a vulnerable target simply because of its popularity. But in 2013, as some of its smaller rivals like Joomla and Drupal grab bits of its market share, hackers will begin to turn their guns on the competition as well, Astacio says.
7. Good fences make better hacktivists
Companies are strengthening the walls protecting them from ideologically driven hackers like the Anonymous collective and make sure their intellectual property doesn’t get stolen. But hackers will learn to get around them, predicts Astacio.
“Hacktivism attempts are going to continue at about the same rate over the next year, but we’re also going to see that hacktivists are going to have to step up their game and use more sophisticated types of attack tools.”