Continuing with our round up of the IT security vendor view of the year to come, here's how PandaLabs, the malware research laboratory arm of Panda Security, sees 2013 stacking up in terms of threats and exploits.
Perhaps unsurprisingly, PandaLabs predicts that 2013 will be much the same as 2012 in that software vulnerabilities will take centre stage and be the main target of cyber-criminals. It is "undoubtedly the preferred method of infection for compromising systems transparently, used by both cyber-criminals and intelligence agencies in countries around the world" according to PandaLabs technical director Luis Corrons. This year we saw Java, for example, repeatedly compromised and used to infect millions of users across the globe. Adobe wasn't far behind in the infection stakes with Acrobat Reader and Flash, and sadly, multiple security flaws.
But software vulnerabilities are not the only fruit as far as infosec areas to watch in 2013. Here's what else PandaLabs predict we will be seeing a lot of in the year ahead:
Social networks: tricking users into unwittingly collaborating in order infect their computers and steal their data is, frankly, a very easy ask - there are simply no effective security applications when it comes to protecting users from themselves. Looked at in this context then, it is hardly surprising that the use of social networks makes them the preferred hunting ground for social engineers.
Skype: after pretty much replacing Messenger for most users, Skype could well become a major target for cyber-criminals.
Mobile malware: with Android undoubtedly becoming the dominant mobile OS, it's also become the dominant infection vector. In September 2012, Google announced that it had reached the incredible figure of 700 million Android activations. Although it is mainly used on smartphones and tablets, its flexibility and the fact that you do not have to buy a license to use it are going to result in new devices opting to use Google's operating system. Its use is going to become increasingly widespread, from televisions to all types of home appliances, which opens up a world of possible attacks as yet unknown.
Cyber-warfare: throughout 2012, different types of attacks have been launched against nations. The Middle East is worth mentioning, where the conflict is also present in cyber-space. In fact, many of these attacks are not even carried out by national governments but by citizens, who feel that they should defend their nation by attacking their neighbors using any means available. Furthermore, the governments of the world’s leading nations are creating cyber commandos to prepare both defense and attack and therefore, the cyber-arms race will escalate.
Mac malware: cases like Flashback, which occurred in 2012, have demonstrated that not only is Mac susceptible to malware attacks but that there are also massive infections affecting hundreds of thousands of users. Although the number of malware strains for Mac is still relatively low compared to malware for PCs, PandaLabs expects it to continue rising. A growing number of users added to security flaws and lack of user awareness (due to over-confidence), mean that the attraction of this platform for cyber-crooks will continue to increase next year.
Windows 8: last but by no means least, Windows 8 has arrived and could herald a new wave of security issues. Microsoft’s latest operating system, along with all of its predecessors, will almost certainly suffer attack. Cyber-criminals are not going to focus on this operating system only but they will also make sure that their creations work equally well on Windows XP to Windows 8, through Windows 7. One of the attractions of Microsoft’s new operating system is that it runs on PCs, as well as on tablets and smartphones. For this reason, if functional malware strains that allow information to be stolen regardless of the type of device used are developed, we could see a specific development of malware for Windows 8 that could take attacks to a new level.
