Mobile threats predicted top concern for 2013
Researchers believe that the persistence of mobile threats will be a top concern for users in the coming year.
McAfee Labs' “2013 Threats Predictions” report said that there will be a rise in the incidence of mobile worms that once downloaded onto a users' phone are capable of buying malicious apps, mobile ransomware technologies that lock phones or tablets, and SMS spam and malware that block security updates to victims' phones.
Jim Walter, who handles threat intelligence operations for the office of the CTO at McAfee, told SCMagazine.com last week that the landscape of mobile threats is constantly evolving.
“The mobile [threats] are on the top of a lot of people's list because the attack service side of it is so broad and has grown so fast,” Walter said. “If you look at the past evolution of threats in malware, it has quickly become a viable target for malware authors. There's been a shocking rise in how prevalent the malware has been and how it's become adopted by malware authors.”
The growing threat of mobile malware is in part related to environments like app marketplaces, where malware is able to spread rapidly among users, Walter said.
The report further said that service providers can play an integral role in blocking mobile attacks.
One of the advantages that a cell phone company has in fighting malware is that once it recognizes a threat it can automatically push an update to customers to clean their devices, the report said. “This works on phones that have not been rooted (or unlocked) by their owners.”
Other major threats predicted for 2013 were the development of attacks against the Windows 8 operating system, released in October, and HTML5, the latest HTML standard, or markup language, for web content.
Another key finding in the report was that hacktivist group Anonymous would become less visible and successful in the coming year.
“Too many uncoordinated and unclear operations have been detrimental to its reputation,” said the report. “Added to this, the disinformation, false claims and pure hacking actions will lead to the movement's being less politically visible than in the past.”
However, more extremist groups operating under the motivation of national, religious or other socio-political causes will become more visible in 2013, McAfee said.
“Experts are no longer reluctant to predict national responsibility in military and industrial espionage or precision attacks that cause physical damage, as in the case of Stuxnet or Shamoon,” the report said. “State-related threats will increase and make the headlines. Suspicions about government-sponsored attacks will grow. Using zero-day vulnerabilities and sophistical malware, some of these attacks may be considered advanced persistent threats, while others will involve conventional malware.”
The report also said that attackers behind pervasive, sophisticated malware like Stuxnet would focus more on destroying infrastructure, rather than carrying out attacks to steal intellectual property or for solely financial gain.
In the coming year, the industry will also likely see more “hacking as a service” underground operations, where malware kits or development services are offered anonymously in exchange for money.