Kaspersky Lab Outlines Key Security Trends in 2012; Predicts Core Threats for 2013
MA – December 5, 2012
- Kaspersky Lab’s experts outlined key security
trends of 2012 and presented their views on the core threats of 2013. The most notable
predictions for the next year include the continued rise of targeted attacks,
cyber-espionage and nation-state cyber-attacks, the evolving role of hacktivism,
the development of controversial “legal” surveillance tools and the increase in
cybercriminal attacks targeting cloud-based services.
use of “legal” surveillance tools in cyberspace
problems with online trust and digital authorities
of Mac OS X malware and mobile malware
and exploits continue to be key attack methods for cybercriminals
of Ransomware and cryptoextortion malware
Key Predictions for
2013 – Overview
Targeted attacks on businesses have only become a
prevalent threat within the last two years. Kaspersky Lab expects the amount of
targeted attacks, with the purpose of cyber-espionage, to continue in 2013 and
beyond, becoming the most significant threat for businesses. Another trend that
will likely impact companies and governments is the continued rise of “hacktivism”
and its concomitant politically-motivated cyber-attacks.
State-sponsored cyber warfare will
undoubtedly continue in 2013. In fact, during 2012, Kaspersky Lab discovered
three new major malicious programs that were used in cyber warfare operations: Flame, Gauss and miniFlame. While Flame was the largest and most sophisticated
of the cyber-espionage programs, its longevity was its most prominent
characteristic. Being at least a five-year-old project, Flame was an example of
a complex malicious program that could exist undetected for an extended amount
of time while collecting massive amounts of data and sensitive information from
its victims. Kaspersky Lab’s experts expect more countries to develop their own
cyber programs for the purposes of cyber-espionage and cyber-sabotage. These
attacks will affect not only government institutions, but also businesses and
critical infrastructure facilities.
In 2012 an on-going debate took place on
whether or not governments should develop and use specific surveillance
software to monitor suspects in criminal investigations. Kaspersky Lab predicts
that 2013 will build on this issue as governments create or purchase additional
monitoring tools to enhance the surveillance of individuals, which will extend
beyond wiretapping phones to enabling secret access to targeted mobile devices.
Government-backed surveillance tools in the cyber environment will most likely
continue to evolve, as law-enforcement agencies try to stay one step ahead of
cybercriminals. At the same time, controversial issues about civil liberties
and consumer privacy associated with the tools will also continue to be raised.
Development of social networks, and,
unfortunately, new threats that affect both consumers and businesses, have
drastically changed the perception of online privacy and trust. As
consumers understand that a significant portion of their personal data is being
handed over to online services, the question is whether or not they trust them.
Such confidence has already been shaken following the wake of major password
leaks from some of the most popular web services such as Dropbox and LinkedIn.
The value of personal data – for both cybercriminals and legitimate businesses
– is destined to grow significantly in the near future.
2012 has been the year of explosive growth
in mobile malware, with cybercriminals’ primary focus being the Android
platform, as it is the most popular and widely used. In 2013 we are likely to
see a new alarming trend – the use of vulnerabilities to extend “drive-by
download” attacks on mobile devices. This means that personal and corporate
data stored on smartphones and tablets will be targeted as frequently as it is
targeted on traditional computers. For the same reasons (rising popularity),
new sophisticated attacks will be performed against owners of Apple devices as
As vulnerabilities in mobile devices
become an increasing threat for users, computer application and program
vulnerabilities will continue to be exploited on PCs. Kaspersky Lab named 2012
the year of Java vulnerabilities, and in 2013 Java will continue to be
exploited by cybercriminals on a massive scale. However, although Java will
continue to be a target for exploits, the importance of Adobe Flash and Adobe
Reader as malware gateways will decrease as the latest versions include
automated update systems for patching security vulnerabilities.
Quote Costin Raiu,
Director of Global Research & Analysis Team Kaspersky Lab “In our previous reports we
categorized 2011 as the year of explosive growth of new cyber threats. The most
notable incidents of 2012 have been revealing and shaping the future of cyber
security. We expect the next year to be packed with high-profile attacks on
consumers, businesses and governments alike, and to see the first signs of
notable attacks against the critical industrial infrastructure. The most
notable trends of 2013 will be new example of cyber warfare operations,
increasing targeted attacks on businesses and new, sophisticated mobile
Kaspersky Lab is the world’s largest privately held
vendor of endpoint protection solutions. The company is ranked among the
world’s top four vendors of security solutions for endpoint users*. Throughout
its 15-year history Kaspersky Lab has remained an innovator in IT security and
provides effective digital security solutions for consumers, SMBs and large
enterprises. The company currently operates in almost 200 countries and
territories across the globe, providing protection for over 300 million users
worldwide. Learn more at www.kaspersky.com.
For the latest in-depth information on security
threat issues and trends, please visit www.securelist.com. Follow @Securelist on Twitter. For the most
up-to-date world security news, visit www.threatpost.com.
*The company was rated fourth in the IDC rating
Worldwide Endpoint Security Revenue by Vendor, 2010. The rating was published
in the IDC report Worldwide IT Security Products 2011-2015 Forecast and 2010
Vendor Shares - December 2011. The report ranked software vendors according to
earnings from sales of endpoint security solutions in 2010.