Triskaidekaphobia? Predictions for 2013

Happy New Year?It’s that time of year again; snow thick on the ground, mistletoe in my back pocket, mulled wine to warm your hands and of course security predictions for 2013.

Trend Micro today released Security Threats to Business, the Digital Lifestyle, and the Cloud, our security predictions for 2013 and beyond. At first glance, the headline prediction may sound surprising; the volume of malicious and high-risk Android apps will hit 1 million in 2013. However, when you consider that our prediction for total Android malware by the end of 2012 has been constantly revised up throughout the year and now stands at over a quarter of a million, maybe it no longer sounds so fanciful.

The predictions paper proposes 10 provocative prognostications in all, some serious horizon scanning focussing on technology trends and lifestyle shifts making for very interesting reading, but I wanted to offer you a few predictions of my own.

There have certainly been some headline-grabbing malware this year, notably Flame, Gauss and their ilk. Although each of these in isolation could hardly be classified the biggest threat of 2012 the direction and momentum they represent is certainly alarming. 2012 will certainly go down as the year when we had proof positive that nations and governments are alive to the military possibilities afforded by digital covert operations and arguably they have already been used to breach both the Geneva Conventions and International Humanitarian Law. That’s a big deal; the implications of which I believe will only become clear with hindsight.

  • Multi-platform exploit kits will surface; these kits will include drive-bys for mobile. This is based on the fact that Blackhole Exploit Kit is already collecting stats for Win8 and mobile OSs. Drive-bys for mobile will be a massive game-changer in the world of mobile malware.
  • Malicious attachment renaissance – Recent research from Trend Micro found that some 91% of targeted attacks came in the form of spear-phishing emails, of which 96% used malicious attachments. Expect a renaissance of email attachment attacks, an area of defence that has perhaps been left to languish in recent years.
  • Sandbox avoidance techniques – Innovations in security technology mean that attackers will have to spend more time developing techniques to evade automated sandbox analysis. Suicide as a tactic no longer works.
  • Advanced custom malware – Commoditised – Combine rapid incorporation of 0-day exploits into exploit kits, the exploit kit market growth, custom ATS scripts, new features in Blackhole and you have the beginnings of a commodity market for advanced custom malware, it’s the next evolution. Just as advertising becomes more personalised, so does everything else, including cybercrime.
  • More 3rd party app stores, more mobile, more social, more risk. – Because MOAR!!! Every device and every service is becoming so deeply interlinked with every other and with the cloud, that any computing environment is no longer discrete. Changes and insecurities in any part of the user experience chain can and do have amplified effects elsewhere.

4 thoughts on “Triskaidekaphobia? Predictions for 2013

  1. Pingback: 13恐懼症?2013年資安預測 | 雲端運算與網路安全趨勢部落格

  2. Pingback: Triskaidekaphobia? Predictions for 2013 » CounterMeasures | Mercado seguridad TIC | Scoop.it

  3. Pingback: Triskaidekaphobia? Predictions for 2013 « URL Aggregator

  4. Jon Clay

    Predictions always seem to be more doom & gloom and so in the spirit of the holidays and wanting to humor things up a bit I’d like to share my 2013 predictions:

    1. Cyborgs will be reprogrammed by political hactivists to make peace not war.
    2. Smart TV’s will be hacked and only show reruns of Teletubbies
    3. The Internet will shut down on December 21, 2013 because the Mayan’s were off a year.
    4. The IRS will use SpyEye to take money from tax evaders
    5. Hackers United will defeat Manchester United in the world cup by hacking the scoreboard

    There you go, hope they brought a little smile to your face.

    Jon Clay

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>