PandaLabs has published a review of trends in computer security that are expected to prevail in 2013. Vulnerabilities in the software will be the main target for cybercriminals in the coming year. Luis Corrons, Technical Director of PandaLabs, said: “Without a doubt, this is the preferred method of infection to undetectable damage to computer systems.”
In 2012, as Java, which is installed on hundreds of millions of devices, has been compromised several times and was used for active infection of millions of users. In second place is Adobe, and given the popularity of its application (Acrobat Reader, Flash and others) and its numerous security flaws, it is one of the favorite tools of mass infection of users, as well as targeted attacks.
“While it may seem that home users are most at risk, remember that updating applications that are necessary to protect against such attacks, it is a complex process in companies to update all computers – explains Luis Corrons. – At the same time, it is important to ensure proper operation of all applications used in the company. Because of this, the process of updating is performed slowly, with the result that there is a “window” which is used to steal information in general, and launch attacks aimed at finding sensitive data. ”
Other areas in which there can be a lot of security incidents in 2013:
• Social Networking: The second of the most widely used techniques – is social engineering. Trick users to collaborate in order to infect their computers and steal their data – it is a simple task, since there is no security applications that can protect users from themselves. In this regard, the use of social networks (Facebook, Twitter, etc.), ie sites, where hundreds of millions of users share information and in many cases – personal data, making it the preferred hunting ground for unsuspecting users. Particular attention should be paid to Skype, which is replacing the Messenger, may become a target for criminals.
• Malicious programs for mobile devices: Android has become the dominant mobile operating system. In September 2012, Google announced that it has reached the incredible figure of 700 million activations of Android. Although it is mostly used on smartphones and tablets, its flexibility and the feature that you do not need to purchase a license to use it, leads to the fact that on the new devices prefer to install the operating system is Google. It is used more and more widely on a variety of devices, opening up a world of possibilities for attacks, many of which have not even known.
• cyberwar / cyber espionage: Throughout 2012 various kinds of attacks have been organized against some countries. It is worth to mention the Middle East, where the conflict is also present in cyberspace. In fact, many of these attacks were carried out even by national governments and citizens who feel that they have to protect their people, attacking their neighbors, by any means available. In addition to governments the world’s leading states create cyber weapons to take measures to protect and attack.
• The growth of malware: For two decades, the number of malware has grown exponentially. Figures have reached dizzying performance when every day there are tens of thousands of samples of new malware and it seems that the achieved growth rate is still far from its peak. Despite the security measures that are better suited to deal with this type of crime, their effect is reduced due to lack of boundaries on the Internet. The police can only act within the limits of their jurisdiction, while cybercriminals can launch their attack from country A to carry out the theft of data from the citizens in country B, to send stolen data to a server located in the country C, and while doing so, they can live in country D. All this can be done in just a few clicks of the mouse, while the coordinated actions of the security forces in several countries can take months. It is for this reason that cybercriminals are still living their high points.
• Malware for Mac: The case of the Flashback, which occurred in 2012, demonstrated that the Mac is not only vulnerable to attack, but also the possibility of mass infection of hundreds of thousands of users. Although the number of malware for Mac is still relatively small compared to the number of malicious programs for the PC, but we expect that will continue to grow in number. A growing number of users in addition to the security flaws and lack of user awareness (due to over-confidence) means that the attractiveness of the platform for cyber criminals will continue to grow next year.
• Windows 8: Last but not least, Windows 8. The latest version of Microsoft’s operating system and all its predecessors will also suffer from attacks. Cyber criminals are not going to focus only on that operating system, but they will also make sure that their creations work well on all versions – Windows 7, Windows XP and Windows 8.
One of the features of the new Microsoft operating system is that it works on both PC and on tablets and smartphones. For this reason, if one develops a multi- functioning malware, allowing it to steal information regardless of device type, we will see the introduction of a special malware for Windows 8, which could take attacks to a new level.