Kaspersky Labs has predicted that among others, the most notable threats for next year include the rise of cyber-espionage and nation-state cyber-attacks, the evolving role of hacktivism and the development of ‚”legal‚” surveillance tools.
The company also predicted that there will be a rise of targeted attacks and an increase in cybercriminal attacks targeting cloud-based services.
Below is a full list on what Internet users need to be on the lookout for, as well as what cyber attacks made the news this year.
Important cyber security stories of 2012:
¬∑ Sophisticated malware targeting Mac OS X
¬∑ Explosive growth of Android threats
¬∑ Flame and Gauss as the sign of continued state-sponsored cyber warfare operations
¬∑ Notable password leaks from popular web services, such as LinkedIn and Dropbox
¬∑ Theft of Adobe certificates
¬∑ New 0-day vulnerabilities in Java and other popular software
¬∑ Attacks on network devices (namely DSL routers)
¬∑ DNSChanger shutdown
¬∑ Destructive Shamoon and Wiper malwares
¬∑ Madi cyber-espionage campaign
Predictions for 2013:
¬∑ Continued rise of targeted attacks
¬∑ Ongoing march of ‚”hacktivism‚”
¬∑ More nation-state sponsored cyber-attacks
¬∑ Government-backed use of ‚”legal‚” surveillance tools in cyberspace
¬∑ Attacks on cloud-based infrastructure
¬∑ Deterioration of digital privacy
¬∑ Continued problems with online trust and digital authorities
¬∑ Continued rise of Mac OS X malware and mobile malware
¬∑ Vulnerabilities and exploits continue to be key attack methods for cybercriminals
¬∑ Wide deployment of Ransomware and cryptoextortion malware
Key Predictions Overview:
Targeted attacks on businesses have only become a prevalent threat within the last two years. Kaspersky Lab expects the amount of targeted attacks, with the purpose of cyber-espionage, to continue in 2013 and beyond, becoming the most significant threat for businesses. Another trend that will likely impact companies and governments is the continued rise of ‚”hacktivism‚” and its concomitant politically-motivated cyber-attacks.
State-sponsored cyber warfare will undoubtedly continue in 2013. In fact, during 2012, Kaspersky Lab discovered three new major malicious programmes that were used in cyber warfare operations: Flame, Gauss and miniFlame.
While Flame was the largest and most sophisticated of the cyber-espionage programmes, its longevity was its most prominent characteristic. Being at least a five-year-old project, Flame was an example of a complex malicious programme that could exist undetected for an extended amount of time while collecting massive amounts of data and sensitive information from its victims. Kaspersky Lab’s experts expect more countries to develop their own cyber programmes for the purposes of cyber-espionage and cyber-sabotage. These attacks will affect not only government institutions, but also businesses and critical infrastructure facilities.
In 2012 an on-going debate took place on whether or not governments should develop and use specific surveillance software to monitor suspects in criminal investigations. Kaspersky Lab predicts that 2013 will build on this issue as governments create or purchase additional monitoring tools to enhance the surveillance of individuals, which will extend beyond wiretapping phones to enabling secret access to targeted mobile devices.
Government-backed surveillance tools in the cyber environment will most likely continue to evolve, as law-enforcement agencies try to stay one step ahead of cybercriminals. At the same time, controversial issues about civil liberties and consumer privacy associated with the tools will also continue to be raised.
Development of social networks, and, unfortunately, new threats that affect both consumers and businesses have drastically changed the perception of online privacy and trust. As consumers understand that a significant portion of their personal data is handed over to online services, the question is whether or not they trust them. Such confidence has already been shaken following the wake of major password leaks from some of the most popular web services such as Dropbox and LinkedIn. The value of personal data for both cybercriminals and legitimate businesses is destined to grow significantly in the near future.
2012 has been the year of the explosive growth of mobile malware, with cybercriminals’ primary focus being the Android platform, as it was the most popular and widely used. In 2013 we are likely to see a new alarming trend the use of vulnerabilities to extend ‚”drive-by download‚” attacks on mobile devices. This means that personal and corporate data stored on smartphones and tablets will be targeted as frequently as it is targeted on traditional computers. For the same reasons (rising popularity), new sophisticated attacks will be performed against owners of Apple devices as well.
As vulnerabilities in mobile devices become an increasing threat for users, computer application and programme vulnerabilities will continue to be exploited on PCs. Kaspersky Lab named 2012 the year of Java vulnerabilities, and in 2013 Java will continue to be exploited by cybercriminals on a massive scale. However, although Java will continue to be a target for exploits, the importance of Adobe Flash and Adobe Reader as malware gateways will decrease as the latest versions include automated update systems for patching security vulnerabilities.
Costin Raiu, Director of Global Research & Analysis Team at Kaspersky Lab
‚”In our previous reports we categorised 2011 as the year of explosive growth of new cyber threats. The most notable incidents of 2012 have been revealing and shaping the future of cyber security. We expect the next year to be packed with high-profile attacks on consumers, businesses and governments alike, and to see the first signs of notable attacks against the critical industrial infrastructure. The most notable trends of 2013 will be new example of cyber warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats.‚”
* Follow Gadget on Twitter on @GadgetZA
Telcos want one face
The investments that telecommunications service providers are making in reshaping their online properties into customer-centric portals reflects the growing maturity of self-service and Internet uptake in the industry, says KEVIN MELTZER of Consology.
Many telcos around the world are overhauling their websites to offer customers more holistic portals that give them a single point of entry into the organisation.
They are doing so because they recognise that service will be a key point of differentiation for their businesses in a market that is becoming increasingly competitive. They have also realised that they have a major opportunity to shift customers away from expensive contact centres towards low-cost electronic channels.
In the past, most telecommunications operators ran multiple sites across multiple domains and subdomains. These web-based properties were built around the way that telcos structured their own businesses rather than around the needs of the customer. But we are now seeing the leading operators take a more user-centric approach to the way that they design their web and mobile sites.
This coincides with a change in the industry from slicing customers into numerous segments and then serving them across a range of functional and product areas. For example, many operators split customers into prepaid and postpaid segments or voice and data users, distinctions that are becoming less meaningful in a world of technology convergence. They now want to present a single face to the customer rather than servicing the subscriber through silos.
These changes are starting to percolate through to operators’ customer service and sales strategies. Telcos are starting to pull together disparate products and services that once resided across multiple sites into customer service portals.
These sites put a wide range of information at the subscriber’s fingertips, he adds. Increasingly, for example, subscribers can log directly into their accounts from the operator’s homepage and then access a wealth of services and information. This marks an evolution from the fractured and inconsistent customer experience of the past.
Leading operators are even thinking about how their Self-Service platforms should be integrated with social media strategies to allow customers to pay their electronic bills or top up airtime with a single click from within a social network.
Whereas Self-Service portals on telco sites were once purely about account management functions, they increasingly offer far richer functionality. In addition to allowing subscribers to pay their bills and check their account information, they are also increasingly becoming the first stop for service and commerce.
Operators have started to recognise that splintering their e-commerce, service and account management functions simply makes no sense. Customers want to be able to do everything through one interface rather than needing to visit two or three Web sites, or eventually possibly needing to phone a call centre or visit a store for certain transactions.
Integrated and easy to use online customer service channels will be central for telco operators who want to be competitive in the markets of tomorrow. They form an advantage in an industry where it will be customer relationships rather than cost or service that drive loyalty and purchasing decisions.
Talk for less with MWEB Talk
Today, MWEB announced its consumer VoIP package called MWEB Talk, which allows users to make free network calls and get discounted rates made to landlines and mobile phones.
MWEB, today launched its new Voice over IP (VoIP) offering to South African consumers. The service, MWEB Talk, will offer users’ free on network calls to fellow MWEB Talk users’ and cheap calls to landline and mobile phone numbers. This follows the success and demand of the ISP’s existing VoIP products in recent months.
‚”We have seen a noticeable transformation in users’ Internet behaviour with consumers wanting services that complement their ADSL connectivity solution. We have seen phenomenal growth and by the end of the year will deliver over 100 million minutes on our VoIP platform,‚” says Carolyn Holgate, General Manager of MWEB Connect, the ISP’s Consumer and Small Office/ Home Office Division.
MWEB has made significant investments in its infrastructure and VoIP has been prioritised on its network to ensure performance and stability of the MWEB Talk service for both businesses and consumers.
‚”In addition to the high quality of the service, MWEB Talk is also simple to set-up and users’ should experience a significant reduction in their telephone bills. By implementing a VoIP service consumers and small businesses can cut their monthly telecommunication bills by up to 55% to landline and mobile numbers,‚” says Holgate.
With no subscription fee, existing MWEB customers can log into their MWEB account, register for the service and download the application for PC and Mac as well as mobile applications that turn an iPhone, Android, and Nokia smartphone into a VoIP phone. Customers will also be able to purchase a Desktop VoIP Handset for R99 which will be HD voice ready and will support multi-extensions.
‚”We believe that VoIP is the future of telephony in South Africa and we are extremely excited to see the consumer market shift into the VoIP space,‚” concludes Holgate.