Trend Micro today released “Security Threats to Business, the Digital Lifestyle, and the Cloud”, our security predictions for 2013 and beyond. At first glance, the headline prediction may sound surprising: the volume of malicious and high-risk Android apps will hit 1 million in 2013. However, when you consider that our prediction for total Android malware by the end of 2012 has been constantly revised up throughout the year and now stands at over a quarter of a million, maybe it no longer sounds so fanciful.
The predictions paper proposes 10 provocative prognostications in all; some serious horizon scanning focussing on technology trends and lifestyle shifts makes for very interesting reading, but I wanted to offer you a few predictions of my own.
There has certainly been some headline-grabbing malware this year, notably Flame, Gauss and their ilk. Although each of these in isolation could hardly be classified as the biggest threat of 2012, the direction and momentum they represent is certainly alarming. 2012 will certainly go down as the year when we had proof positive that nations and governments are alive to the military possibilities afforded by digital covert operations, and arguably they have already been used to breach both the Geneva Conventions and International Humanitarian Law. That’s a big deal, the implications of which I believe will only become clear with hindsight.
- Multi-platform exploit kits will surface; these kits will include drive-bys for mobile. This is based on the fact that Blackhole Exploit Kit is already collecting stats for Win8 and mobile OSs. Drive-bys for mobile will be a massive game-changer in the world of mobile malware.
- Malicious attachment renaissance – Recent research from Trend Micro found that some 91% of targeted attacks came in the form of spear-phishing emails, of which 96% used malicious attachments. Expect a renaissance of email attachment attacks, an area of defence that has perhaps been left to languish in recent years.
- Sandbox avoidance techniques – Innovations in security technology mean that attackers will have to spend more time developing techniques to evade automated sandbox analysis. Suicide as a tactic no longer works.
- Advanced custom malware – Commoditised – Combine rapid incorporation of 0-day exploits into exploit kits, the growth of the exploit kit market, custom ATS scripts and new features in Blackhole, and you have the beginnings of a commodity market for advanced custom malware; it’s the next evolution. Just as advertising becomes more personalised, so does everything else, including cybercrime.
- More 3rd-party app stores, more mobile, more social, more risk. – Because MOAR!!! Every device and every service is becoming so deeply interlinked with every other and with the cloud that no computing environment is discrete any longer. Changes and insecurities in any part of the user experience chain can and do have amplified effects elsewhere.