Kaspersky Security Bulletin 2012: Reflections and Predictions

12 Dec 2012

The new year is upon us and that means looking back at the events of the last 12 months, as well as looking ahead to the upcoming year.  In this co-authored blog post, Kaspersky Lab’s Costin Raiu and David Emm roll back the clock and review the predictions that the GReAT team made one year ago.  Costin examines the top 10 security incidents that shaped 2012 and David provides a security forecast for 2013.  Here are some highlights from the report.  Check out the full report here.

Top security stories that shaped 2012, including:

Flashback Hits Mac OS X: Based on Kaspersky Lab’s statistics, it’s estimated that Flashback infected over 700,000 Macs, easily the biggest known Mac OS X infection to date. Flashback continues to be relevant because it demolished the myth of invulnerability surrounding the Mac and because it confirmed that massive outbreaks can indeed affect non-Windows platforms.

Flame and Gauss: Nation-State Cyber-Espionage Campaigns:  Flame is arguably one of the most sophisticated pieces of malware ever created.  Flame is important because it showed that highly complex malware can exist undetected for many years. It is estimated that the Flame project could be at least five years old.  When Flame was discovered, people wondered how many other campaigns like this were being mounted. And it wasn’t long before others surfaced. The discovery of Gauss, another highly sophisticated Trojan, added a new dimension to nation-state cyber campaigns. Gauss is remarkable for a variety of things, some of which remain a mystery to this day.

The Explosion of Android Threats:  In 2012, Kaspersky Lab identified more than 35,000 malicious Android programs—about six times more than in 2011. Looking forward, there is no doubt this trend will continue, just like it did with Windows malware many years ago. We are therefore expecting 2013 to be filled with targeted attacks against Android users, zero-days and data leaks. 

Security predictions for 2013, including:

Targeted Attacks and Cyberespionage: Targeted attacks have become an established feature in the last two years, and the huge volume of information shared online and the growing use of social media in business have helped to fuel such attacks. We can expect the growth of cyber-espionage to continue into 2013 and beyond, and it’s important to remember that any organization can become a victim. All organizations hold data that is of value to cybercriminals, and they may also be used as ‘stepping-stones’ to reach other companies.

Hacktivism: Stealing money is not the only motive behind attacks. Sometimes the purpose of an attack is to make a political or social point.  Society’s increasing reliance on the Internet makes organizations of all kinds potentially vulnerable to attacks of this sort, so hacktivism looks set to continue into 2013 and beyond.

Nation-State Sponsored Cyber-Attacks: Looking ahead, we can expect more countries to develop cyber weapons designed to steal information or sabotage systems. It’s also possible that we may see copy-cat attacks by non-nation-states, with an increased risk of “collateral damage” beyond the intended victim of the attack.