Fortinet, a network security provider and the worldwide leader of unified threat management (UTM) solutions – revealed FortiGuard Labs’ 2012 threat predictions, highlighting eight threats to watch out for next year.
Top 8 Security Predictions for 2012
Ransomware to Take Mobile Devices Hostage
“Ransomware,” an infection that holds a device “hostage” until a “ransom” payment is delivered, has been around on PCs for years. Mobile malware that utilize exploits have also been observed, along with social engineering tricks that lead to root access on the infected device. With root access comes more control and elevated privileges, suitable for the likes of ransomware. FortiGuard predicts we’ll see the first instances of ransomware on a mobile device in the coming year.
Worming into Android
Worms, malware that is able to quickly propagate from one device to another, have by and large remained absent from the Android operating system, but FortiGuard Labs believes that will change in 2012. Unlike Cabir, the first Symbian worm discovered in 2004, Android malware developers most likely won’t be using Bluetooth or computer sync to spread out because of their limited ranges. Instead, the team believes the threat will come from either poisoned SMS messages that include a link that contains the worm or through infected links on social networks, such as Facebook and Twitter.
Polymorphism Want a Cracker?
In the last year, FortiGuard Labs has seen Android malware use encryption, embed exploits, detect emulators and implement botnets. But what they haven’t seen yet is an example of polymorphism. Polymorphism is malware that is capable of automatically mutating, making it extremely difficult to identify and thus destroy. The team has previously encountered polymorphism on Windows Mobile phones and believes it’s only a matter of time before the malware appears on Android devices.
Clampdown on Network-Based Money Laundering
Using anonymous fund transferring services, human networks and payment processor safe havens, cybercriminal syndicates have pretty much operated with impunity for years. However, FortiGuard Labs believes more people will be tracked and captured in 2012. The recent arrest of ChronoPay CEO Pavel Vrublevsky’s on the grounds of hacking Aerfolot’s Website and preventing visitors from buying tickets, is a good example of the type of takedowns the team expects to see in the coming year.
Public-Private Relationships in Security
In 2011, FortiGuard Labs saw an increase in global collaborative botnet takedowns including Rustock and DNS Changer. Meanwhile, arrests were made against international members of Anonymous and LulzSec hacktivist groups. This crackdown will continue in 2012, and the team believes that much of it will be aided by Defense Advanced Research Projects Agency’s (DARPA’s) public defense initiative. DARPA was recently granted $188 million budget and plans to use part of the money on initiatives to build a cyber defense team in the private sector. It seems likely that in 2012 similar relationships will be formed worldwide.
SCADA Under the Scope
For over a decade, Supervisory Control and Data Acquisition- (SCADA) based threats have been a concern, because they are often connected to critical infrastructure such as power and water grids, which are not always operating on a closed circuit. Many new human machine interface (HMI) devices that interact with these systems have Web interfaces for logging in that can be circumvented to access back end systems. Groups such as Anonymous have already found an assortment of Web-based vulnerabilities simply by picking targets and scouring code. In 2012, FortiGuard predicts new SCADA vulnerabilities will be discovered and exploited with potentially devastating consequences.
Sponsored Attacks
The FortiGuard team often talks about Crime as a Service (CaaS) to describe how criminal syndicates are offering though the Internet illegal and detrimental services, such as infecting large quantities of computers, sending spam and even launching direct denial of service (DDoS) attacks. In 2012, FortiGuard Labs expects to see CaaS leveraged for more strategic and targeted attacks on companies and individuals to include state or corporate sponsorship.
Hacking a Good Cause
While Anonymous formed on 4Chan.org in 2003, only in the last year have the loosely organized anarchists started using their power to attack large, high profile targets such as Sony or, like towards the end of the year, using their power for “good.” Case in point, they’ve recently threatened to unmask Mexican drug cartel members and they recently helped authorities break up a child porn ring. FortiGuard expects to see more examples of “hacktivist” justice meted out throughout 2012 along with a mix of attacks that border or cross the line of justice.