2013-12-02
Abstract
Round-up of some of the security industry's predictions for the year ahead.
Copyright © 2013 Virus Bulletin
It has become an annual tradition as the year draws to a close for security firms to look ahead and reveal what they expect the new year to bring. On looking over a small selection of firms’ predictions, there is surprisingly little overlap – which, rather than suggesting a lack of cohesion, more likely reflects the complex and quickly evolving nature of today’s threat landscape. Some of the more common themes are summarized below.
While analyst firm Ovum predicts that attack volumes will continue to rise in 2014, with advanced persistent threat activity ‘moving up through the gears’, Websense actually foresees a drop in the volume of new malware – expecting cybercriminals to rely increasingly on lower volume, more targeted attacks that run a lower risk of detection.
Symantec predicts that no social network, no matter how niche or obscure, will be immune to the attentions of scammers, data-harvesters and cybercriminals – and Websense concurs, warning that attackers will increasingly focus on the more career-oriented networks (such as LinkedIn) in an attempt to target professionals and company executives. FireEye expects watering hole attacks and social media targeting increasingly to supplant spear-phishing emails.
Symantec predicts that the Internet of Things will become a magnet for hackers in 2014 – with proof-of-concept attacks against baby monitors, security cameras, smart TVs and medical equipment already having been demonstrated. Fortinet also anticipates seeing attacks against the Internet of Things – expecting Android developers to turn their attention to home automation equipment, wearable devices and portable games consoles, in doing so opening up a wealth of new opportunities for cybercriminals.
Fortinet predicts that, while encryption itself won’t change, its use will increase, prompted by fears of eavesdropping, whether by malware or government programs. Symantec also expects users to take active steps to keep their data private – with privacy protection starting to become a feature of new products, and the use of anonymity service Tor becoming increasingly widespread.
Websense predicts that Java will continue to be highly exploited as most endpoints continue to run old, vulnerable versions of Java. FireEye, on the other hand, expects Java zero-day exploits to become less prevalent, having observed a slowdown in the release of Java zero-day exploits since February this year. FireEye’s researchers believe that too few people are using vulnerable versions of Java to give exploit developers sufficient incentive to find bugs.
Fortinet predicts that more botnets will migrate from traditional C&C servers to P2P networks, making the botnets more robust against takedown attempts. FireEye also envisages changes in communication techniques – expecting malware authors to tunnel communications over legitimate protocols and abuse legitimate Internet services to relay traffic and evade detection.
Trusteer predicts that source code leaks will accelerate malware release cycles, providing cybercriminals with the building blocks to quickly create new variants. Meanwhile, Websense expects to see a struggle for power among exploit kits as the kits that have until now been the underdogs to market leader Blackhole rise to the fore following the arrest of the Blackhole creator.
Finally, FireEye predicts that attackers will find more ways to defeat automated analysis systems, and Trusteer expects to see a rise in malware using techniques to avoid analysis by malware researchers – expecting researcher evasion to become a standard component of most malware offerings.
One thing all vendors agree on is that the security landscape is certain to become more challenging over the coming year. More predictions can be found on each of the vendors’ sites.