Cyber Security: What’s The Next Big Threat In 2014?
Feb 21, 2014, 11:54 IST
Kaspersky Lab, one of the top 4 cyber security solutions providers in the world, has come up with its predictions about 2014. Not surprisingly, much of what it has seen in the crystal ball is connected to the fallout from Edward Snowden’s revelations. According to Kaspersky experts, cybercriminals will target both end users and businesses this year. Let us first look at how individuals will be affected.
Your privacy: After the Snowden episode in 2013, people are now determined to keep their private life under wraps in spite of the attention from intelligence agencies. That means protecting the information stored on their computers and devices and ensuring that their online behaviour remains confidential. This will lead to greater popularity for VPN services and Tor anonymisers, as well as increased demand for local encryption tools.
Your money: In 2014, cybercriminals will continue to develop tools for stealing cash – directly or indirectly. To plunder pockets directly, fraudsters will further refine their tools, designed to access the bank accounts of mobile device owners (mobile phishing, banking Trojans). Mobile botnets will be bought and sold, and will also be used to distribute malicious attachments on behalf of third parties. For indirect thefts, we are likely to see more sophisticated versions of the Trojans that encrypt the data on mobile devices, preventing access to photos, contacts and correspondence until a decryption fee is handed over. Android-based smartphones will undoubtedly be the first targets.
Your Bitcoins: There will be a considerable rise in the number of attacks targeting the Bitcoin users’ wallets, Bitcoin pools and stock exchanges.
How it will affect businesses
Internet service providers: A number of popular Internet services have already announced the implementation of additional measures to protect user data, for example, encryption of all data transmitted between their own servers. Implementing more sophisticated measures will continue and is likely to become a key factor when users choose between rival web services.
Cloud storage providers: Hackers are targeting Cloud service employees, seeing them as the weakest link in the security chain. A successful attack here could hand cybercriminals the keys to huge volumes of data. In addition to data theft, attackers might be interested in deleting or modifying information. In some cases, manipulated misinformation could be worth even more to those who commission the attacks. This is an ongoing trend.
Software developers: The theft of popular product sources (gaming industry, mobile apps developers, etc.,) gives attackers an excellent opportunity to find vulnerabilities in the products and further use them for their own fraudulent purposes. In addition, if cybercriminals have access to the victim’s repositories, they can modify the programme source code and embed backdoors into it.
Rival companies: Snowden’s leaks have demonstrated that one of the goals of cyber espionage between states is to provide economic aid to ‘friendly’ companies. This factor has broken down the ethical barriers which initially restrained businesses from using unconventional methods to compete with their rivals. In the new realities of cyberspace, businesses are contemplating the possibility of conducting this kind of activity for themselves. Companies will employ cyber-mercenaries, organised groups of qualified hackers who can offer bespoke cyber-espionage services.
A fragmented World Wide Web on the cards?
“The Internet has begun to break up into national segments. Snowden’s revelations have intensified the demand for rules prohibiting the use of foreign services. Individual countries are no longer willing to let a single byte of information out of their networks. These aspirations will grow stronger and legislative restrictions will inevitably transform into technical prohibitions. The next step will most likely be attempts to limit foreign access to data inside a country. As this trend develops further, it may lead at some point to the collapse of the current Internet, which will break into dozens of national networks. The shadowy Darknet will then be the only truly World Wide Web,” says Alexander Gostev, chief security expert of the global research & analysis team.
Altaf Halde is the Managing Director, Kaspersky Lab -South Asia.
Image: Thinkstock
Advertisement
Your privacy: After the Snowden episode in 2013, people are now determined to keep their private life under wraps in spite of the attention from intelligence agencies. That means protecting the information stored on their computers and devices and ensuring that their online behaviour remains confidential. This will lead to greater popularity for VPN services and Tor anonymisers, as well as increased demand for local encryption tools.
Your money: In 2014, cybercriminals will continue to develop tools for stealing cash – directly or indirectly. To plunder pockets directly, fraudsters will further refine their tools, designed to access the bank accounts of mobile device owners (mobile phishing, banking Trojans). Mobile botnets will be bought and sold, and will also be used to distribute malicious attachments on behalf of third parties. For indirect thefts, we are likely to see more sophisticated versions of the Trojans that encrypt the data on mobile devices, preventing access to photos, contacts and correspondence until a decryption fee is handed over. Android-based smartphones will undoubtedly be the first targets.
Your Bitcoins: There will be a considerable rise in the number of attacks targeting the Bitcoin users’ wallets, Bitcoin pools and stock exchanges.
How it will affect businesses
Internet service providers: A number of popular Internet services have already announced the implementation of additional measures to protect user data, for example, encryption of all data transmitted between their own servers. Implementing more sophisticated measures will continue and is likely to become a key factor when users choose between rival web services.
Advertisement
Cloud storage providers: Hackers are targeting Cloud service employees, seeing them as the weakest link in the security chain. A successful attack here could hand cybercriminals the keys to huge volumes of data. In addition to data theft, attackers might be interested in deleting or modifying information. In some cases, manipulated misinformation could be worth even more to those who commission the attacks. This is an ongoing trend.
Software developers: The theft of popular product sources (gaming industry, mobile apps developers, etc.,) gives attackers an excellent opportunity to find vulnerabilities in the products and further use them for their own fraudulent purposes. In addition, if cybercriminals have access to the victim’s repositories, they can modify the programme source code and embed backdoors into it.
Rival companies: Snowden’s leaks have demonstrated that one of the goals of cyber espionage between states is to provide economic aid to ‘friendly’ companies. This factor has broken down the ethical barriers which initially restrained businesses from using unconventional methods to compete with their rivals. In the new realities of cyberspace, businesses are contemplating the possibility of conducting this kind of activity for themselves. Companies will employ cyber-mercenaries, organised groups of qualified hackers who can offer bespoke cyber-espionage services.
A fragmented World Wide Web on the cards?
“The Internet has begun to break up into national segments. Snowden’s revelations have intensified the demand for rules prohibiting the use of foreign services. Individual countries are no longer willing to let a single byte of information out of their networks. These aspirations will grow stronger and legislative restrictions will inevitably transform into technical prohibitions. The next step will most likely be attempts to limit foreign access to data inside a country. As this trend develops further, it may lead at some point to the collapse of the current Internet, which will break into dozens of national networks. The shadowy Darknet will then be the only truly World Wide Web,” says Alexander Gostev, chief security expert of the global research & analysis team.
Advertisement
Several countries have adopted or are planning to adopt legislation prohibiting the use of foreign services. In November, Germany announced that all communications between the German authorities would be fully locked within the country. Brazil has announced its plans to build an alternative Internet channel, so that it doesn’t have to use the one that goes through Florida in the US.Altaf Halde is the Managing Director, Kaspersky Lab -South Asia.
Image: Thinkstock