Here Are Your 13 Predictions For 2013
- First Quantity, Now Quality: In 2013, cybercrime will focus more on quality than before. They will opt for increasingly smart malware, and more focused attacks.
- BYOD Target Number One: As part of cybercrime's focused attacks, they will be looking to infect the private mobile devices of employees who have access to the company network. BYOD will be a bear for IT the coming year. Toll fraud, malware that charges money to a users mobile phone bill will be the leading monetization strategy for mobile malware writers.
- Advanced Persistent Threats (APT) usually coming from China, will expand from enterprise to the civilian population, specifically celebrities, politicians and business leaders. The APT goal will be to either create or find offenses they can blackmail the victim with. Things like first putting child pornography on someones phone, and then threatening with revealing that information to police and press. Politicians and CEOs need to be extra careful as surveillanceware (like FinFisher) for espionage will increase.
- Malware for Apple Goes Global: It has been tested well enough now, and will make headlines in 2013 as the vast majority of Apple users are still not using any antivirus. They will regret that the coming year.
- The old Windows-centric computing environment has literally gone out the window, and people are now using various sizes of computing slabs (phones, tablets) each with their own operating system, causing update fatigue and many leaving all the defaults in place. Hackers rejoice with a million Android-based malware variants, one of which will have a critical bug and bricks phones.
- Just like the last 10 years, you will not see an omnibus cybersecurity bill getting through Congress, but in 2013 President Obama will come out with controversial Executive Orders that give DHS a much stronger role in cybersecurity governance.
- South Carolina's tax IT system breach where 4 million taxpayers were exposed, is making top officials in other local and state governments very, very nervous. Expect a wave of fresh security awareness training for all employees in those organizations.
- The United Nations-sanctioned International Telecommunication Union's recent vote allows more regulatory power to authoritarian governments around the world, which will disrupt the Web's very infrastructure. Syria dropping off the Net recently is a good example.
- Cross-platform Botnets: If you look at mobile botnets like Zitmo, they look a lot like the old PC-based botnets. Next year, we will see new types of Denial of Service (DoS) attacks that will use both PC and mobile devices at the same time, with both devices sharing the same command and control server. At the same time, mobile spam will become a major threat vector.
- The Password Is Dead. Next year you will see a wave of organizations that deploy a form of two-factor authentication for both customers and employees. It will be a Web-based login with a password together with a secondary passkey that will be sent to a user's phone.
- 2013 will be the year that the enterprise will finally get the concept of compute-on-demand and the cloud is actually ready for enterprise workloads. While big companies move them there, they omit cloud security best practices so there will be a massive cloud security breach.
- 2013 will be the year of mobile shopping, and most retail companies will enable mobile commerce the next twelve months with mobile wallets. Cyber criminals are rubbing their hands with anticipation, because now some shoulder surfing and stealing someones smartphone is enough to go for an illegal shopping spree.
- Hackers will pull off a massive Cyberheist in 2013 creating fake bank transactions harming you with the very same protocols that were designed to protect you.
And In Memoriam of excellent science-fiction writer Ray Bradbury who passed away in 2012: "People ask me to predict the future, when all I want to do is prevent it. Better yet, build it. Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better." Ray Bradbury
- First Quantity, Now Quality: In 2013, cybercrime will focus more on quality than before. They will opt for increasingly smart malware, and more focused attacks.
- BYOD Target Number One: As part of cybercrime's focused attacks, they will be looking to infect the private mobile devices of employees who have access to the company network. BYOD will be a bear for IT the coming year. Toll fraud, malware that charges money to a users mobile phone bill will be the leading monetization strategy for mobile malware writers.
- Advanced Persistent Threats (APT) usually coming from China, will expand from enterprise to the civilian population, specifically celebrities, politicians and business leaders. The APT goal will be to either create or find offenses they can blackmail the victim with. Things like first putting child pornography on someones phone, and then threatening with revealing that information to police and press. Politicians and CEOs need to be extra careful as surveillanceware (like FinFisher) for espionage will increase.
- Malware for Apple Goes Global: It has been tested well enough now, and will make headlines in 2013 as the vast majority of Apple users are still not using any antivirus. They will regret that the coming year.
- The old Windows-centric computing environment has literally gone out the window, and people are now using various sizes of computing slabs (phones, tablets) each with their own operating system, causing update fatigue and many leaving all the defaults in place. Hackers rejoice with a million Android-based malware variants, one of which will have a critical bug and bricks phones.
- Just like the last 10 years, you will not see an omnibus cybersecurity bill getting through Congress, but in 2013 President Obama will come out with controversial Executive Orders that give DHS a much stronger role in cybersecurity governance.
- South Carolina's tax IT system breach where 4 million taxpayers were exposed, is making top officials in other local and state governments very, very nervous. Expect a wave of fresh security awareness training for all employees in those organizations.
- The United Nations-sanctioned International Telecommunication Union's recent vote allows more regulatory power to authoritarian governments around the world, which will disrupt the Web's very infrastructure. Syria dropping off the Net recently is a good example.
- Cross-platform Botnets: If you look at mobile botnets like Zitmo, they look a lot like the old PC-based botnets. Next year, we will see new types of Denial of Service (DoS) attacks that will use both PC and mobile devices at the same time, with both devices sharing the same command and control server. At the same time, mobile spam will become a major threat vector.
- The Password Is Dead. Next year you will see a wave of organizations that deploy a form of two-factor authentication for both customers and employees. It will be a Web-based login with a password together with a secondary passkey that will be sent to a user's phone.
- 2013 will be the year that the enterprise will finally get the concept of compute-on-demand and the cloud is actually ready for enterprise workloads. While big companies move them there, they omit cloud security best practices so there will be a massive cloud security breach.
- 2013 will be the year of mobile shopping, and most retail companies will enable mobile commerce the next twelve months with mobile wallets. Cyber criminals are rubbing their hands with anticipation, because now some shoulder surfing and stealing someones smartphone is enough to go for an illegal shopping spree.
- Hackers will pull off a massive Cyberheist in 2013 creating fake bank transactions harming you with the very same protocols that were designed to protect you.
And In Memoriam of excellent science-fiction writer Ray Bradbury who passed away in 2012: "People ask me to predict the future, when all I want to do is prevent it. Better yet, build it. Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better." Ray Bradbury
