Posted by Ronan Kavanagh on Sun, Dec 9th, 2012
It has been another busy and dynamic year for cyber security. During the run up to Christmas and the New Year, the last big opportunity for cybercriminals worldwide to spread their festive threats is here, we look back on some of the biggest web security events and implications from 2012 and look ahead to 2013 and the new wave of potential threats.
Earlier this week, Sophos released the latest edition of its Security Threat Report, summing up the biggest threats seen during 2012, along with five trends that are likely to factor into IT security in the coming year.
Online Security in 2012
One of the biggest highlights from 2012 was the increasing mobility of data in corporate environments. Users are fully embracing the power to access data from anywhere at any time. The rapid adoption of bring your own devices (BYOD) and cloud computing are really accelerating this trend, and providing new vectors of attack. Employees are looking to use their smart phone, tablet, or next generation notebook to connect to corporate networks. That means IT departments are being asked to secure sensitive data on devices they have very little control over. A trend associated with this is the focused targeting of mobile devices, with a rapid increase in the amount of malware being developed and aimed at android enabled devices.
Social media continued to sustain the interest of cybercriminals in 2012 as many more users and threats flooded social media sites such as Facebook, Twitter and Pinterest. Attacker’s approaches became more acute and sophisticated on Facebook while they began to move beyond and focus on maturing platforms such as Twitter and fast growing platforms like Pinterest.
Sophos has tipped the following five trends as factoring into the IT security landscape in 2013.
Basic Web Server Mistakes
SQL injection attacks increased in 2012, with large volumes of user names and passwords getting hacked out of web servers and databases. (Structured Query Language is a special-purpose programming language designed for managing data in relational database management systems. Targets have been both big and small enterprises, motivated by both political and financial ends. Some of the big ones:
- In May, the website for Wurm Online, a massively multiplayer online game, was shuttered due to an SQL injection while the site was being updated.
- In July, criminals stole 450,000 log-ins, stored in plain text by Yahoo Voices, using a "union-based SQL injection technique".
More Irreversible Malware
In 2012 there was a surge in popularity and quality of ransomware malware, which encrypts your data and holds it for ransom. The availability of public key cryptography and clever command and control mechanisms has made it exceptionally hard, if not impossible to reverse the damage. Over the coming year it is expected that more attacks which, for IT professionals, will place a greater focus on behavioural protection mechanisms as well as system hardening and backup/restore procedures. The most recent high profile example was in November, when Hacked Go Daddy sites were infecting users.
Attack toolkits with premium features
Cybercriminals are investing big in toolkits like the Black hole exploit kit. That investment has resulted in features such as scriptable web services, APIs, malware quality assurance platforms, anti-forensics, slick reporting interfaces, and self-protection mechanisms. 2013 is expected to bring about continued evolution as such kits pick up premium features that appear to make it a snap to access ever-more comprehensive, high-quality, malicious code.
Better Expoit Mitigation
Even as the number of vulnerabilities appeared to increase in 2012 including every Java plug-in released for the past eight years exploiting them became more difficult as operating systems modernized and hardened. The report also credits ready availability of data execution protection (DEP), address space layout randomisation, sandboxing, more restricted mobile platforms and new trusted boot mechanisms (among others) for making it tougher to exploit the growing number of vulnerabilities. While we’re not expecting exploits to simply disappear, we could see this decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms.
Integration, privacy and security challenges
Mobile devices and applications like social media became more integrated in 2012. Combine that with new integrated technologies, such as near field communication (NFC) as well as increasingly clever uses of GPS to pinpoint us in real life, and what you get are new chances for cybercriminals to prey on our security and/or privacy. It's true for mobile devices, of course, but it doesn't disappear for computing in general, the report says. In 2013, watch for new attacks built on top of such technologies.