28/12/2011

What will 2012 bring in terms of cyber-crime?

What will 2012 bring in terms of cyber-crime? CyberCrime

If you would like to read the entire report “Trends 2012”, please refer to the bottom of this blog post to find the documents. 

 

A brief overview about the main topics to come:
One of the emerging issues, which will definitely stay in the focus, is concerning mobile devices. The versatile high-tech devices are common in private and business environments and this makes them an attractive target for attackers. What we have seen so far are social engineering attacks, where users install the infected apps on their devices and this gets them into trouble – they can lose money, device data, personal data, … We expect to see automated attacks, such as drive-by-infections, quite soon, because the mobile devices have so many technical possibilities and some proof of concept exploits were already written.

We also await that attacks against companies and organizations, no matter what size or sector, will increase. The appearance of DuQu, in 2011, has shown that not only high profile industrial facilities are targeted as it was thought of when StuxNet appeared. DuQu can be used in manifold ways to compromise data and/or to infiltrate a network to prepare specialized targeted attacks as a follow up, etc. The possibilities to use the stolen data and critical information are vast – blackmailing, espionage, specialized targeted attacks, sophisticated phishing attacks, etc. 

Furthermore, there are major events taking place in 2012 and we consider them an interesting ground for cyber criminals to use for their means. The European Football Championship and the Olympic Games are among the occasions with the highest public interest and there are several ways how scamsters could arrange traps, e.g. fake online ticket shops, website defacements, attacks at the venue sites and much more.

Another promising attempt to steal money in the past has been the use of banking Trojans and there are no signs of this trend reversing, as the number of online banking users - similar to the number of mobile device users - is constantly on the rise. The banking Trojan malware can be bought quite easily and “composed” individually by the attackers, which makes it such a widespread threat.

Looking at virtual currencies, the G Data SecurityLabs experts see a new possibility of acquisition. We have seen various attacks, phishing and malware, which want to steal e.g. in-game money. But a new method could arise from the use of internet-capable consumer electronics, such as web-enabled TV sets or modern gaming consoles. They could, infected with malware, be used to “mine” virtual currencies in distributed computing projects and more. 


The G Data Report “Trends 2012”
To read the full G Data Report “Trends 2012” with more detailed information on and insights in all of the topics mentioned above, download the report: