Malicious mobile apps, government-sponsored attacks and sandbox avoidance expected
SAN DIEGO—From mass Wordpress compromises to a spear-phishing attack on the White House, there is no doubt cybercriminals gained confidence and momentum in 2012. To help organizations prepare for next year, today the Websense® Security Labs™ announced seven predictions for the 2013 threat landscape. The full report can be found here, which includes in-depth articles on mobile security, email security and Java exploits. Highlights include:
Mobile devices will be the new target for cross-platform threats.
The top three mobile platforms hackers will target are Windows 8, Android and iOS. Cross platform exploits will make this easier via HTML5 and Java. In 2013, the rate of threat growth on Microsoft mobile devices will be the highest. Cybercriminals operate toward similar objectives as legitimate application developers and focus on the most profitable platforms. As development barriers are removed, mobile threats will be able to leverage a huge library of shared code. Attackers will also continue to increasingly use social engineering lures to capture user credentials on mobile devices.
Legitimate mobile app stores will host more malware in 2013.
Malicious apps will increasingly slip through validation processes. They will continue to pose risks to organizations enabling bring your own device (BYOD) policies. We will see an increased volume of malware hosted in legitimate mobile app stores. In addition, jail-broken/rooted devices and non-sanctioned app stores will pose significant risk to enterprises as more allow BYOD.
Government-sponsored attacks will increase as new players enter.
Expect more governments to enter the cyber-warfare arena. In the wake of several public cyber-warfare events, there are a number of contributing factors that will drive more countries toward these strategies and tactics. While the effort to become another nuclear superpower may be insurmountable, almost any country can draft the talent and resources to craft cyber-weapons. Countries and individual cybercriminals all have access to the blueprints for previous state-sponsored attacks like Stuxnet, Flame and Shamoon.
Cybercriminals will use bypass methods to avoid traditional sandbox detection.
More organizations are utilizing virtual machine defenses to test for malware and threats. As a result, attackers are taking new steps to avoid detection by recognizing virtual machine environments. Some potential methods will attempt to identify a security sandbox, just as past attacks targeted specific AV engines and turned them off. These advanced attacks will remain hidden until they are sure they aren’t in a virtual security environment.
Expect hacktivists to move to the next level as simplistic opportunities dwindle.
Driven by highly publicized hacktivist events in recent years, organizations have invested in the deployment of increasingly better detection and prevention policies, solutions and strategies. Hacktivists will move to the next level by increasing their sophistication for success.
Malicious emails are making a comeback.
Timed and targeted spear-phishing email attacks, along with an increase in malicious email attachments, are providing new opportunities for cybercrime. Malicious email will make a comeback. Domain generation algorithms will also bypass current security to increase the effectiveness of targeted attacks.
Cybercriminals will follow the crowds to legitimate content management systems and web platforms.
Vulnerabilities in Wordpress have frequently been exploited with mass compromises. As other content management systems (CMS) and service platforms increase in popularity, the bad guys will routinely test the integrity of these systems. Attacks will continue to exploit legitimate web platforms, requiring CMS administrators to pay greater attention to updates, patches, and other security measures. Cybercriminals compromise these platforms to host their malware, infect users and invade organizations to steal data.
“The past year illustrated how quickly the threat landscape continues to evolve, with attacks and exploits redefining the concepts of crime, business espionage and warfare. The risk to organizations continues to be amplified by the frailty of human curiosity. It’s now expanding across the diversity of mobile platforms, evolving content management systems and an ever-increasing population of online users.
2013 will absolutely reinforce the fact that traditional security measures are no longer effective in thwarting advanced cyberattacks. Organizations and security providers need to innovate towards more proactive real time defenses that stop advanced threats and data theft.”
-Charles Renert, vice president of Websense Security Labs, Websense, Inc.
Read the 2013 Websense Security Labs predictions report.
Watch a video of the Websense Security Labs discussing the 2013 cyber security predictions.
Click to share the 2013 Websense Security Labs predictions on Facebook.
Click to share the 2013 Websense Security Labs predictions on Twitter.
Click to Tweet: The top 7 cyberattack trends you can expect in 2013 via @websenselabs XXX #infosec #cybersec
Click to Tweet: Websense Security Labs predictions for 2013: Cross-platform threats and more via @websenselabs XXX #infosec
Please click here for more information on the Websense TRITON solution
About Websense, Inc.
Websense, Inc. (NASDAQ: WBSN), a global leader in unified web security, email security, mobile security, and data loss prevention (DLP), delivers the best content security for modern threats at the lowest total cost of ownership to tens of thousands of enterprise, mid-market and small organizations around the world. Distributed through a global network of channel partners and delivered as appliance-based software or SaaS-based cloud services, Websense content security solutions help organizations leverage social media and cloud-based communication, while protecting from advanced persistent threats and modern malware, preventing the loss of confidential information, and enforcing internet use and security policies. Websense is headquartered in San Diego, California with offices around the world. For more information, visit www.websense.com.
Like Websense on Facebook
Follow Websense on Twitter