Mobile Malware, Malicious Apps, Hacktivism, Digital Wallet Attacks, Cyber Warfare and Wire Transfer Fraud on the Rise
by Joel Smith, CTO, AppRiver, February 1, 2013
The upcoming year is going to offer a lot of challenges for the IT security world, according to email and Web security provider AppRiver. In its year-end Threat & Spamscape Report, the company looks at some of security issues from 2012 and warns that 2013 could bring:
- Mobile Malware—Mobile devices give users almost all the all of the capabilities of the desktop computer at home without any of the security. With only three major mobile operating systems, it’s now easier for scammers to develop effective malware. Be prepared to see an increase in the amount of malware targeting Android, iOS and Windows mobile devices through several vectors including email, browser attacks and malicious apps.
- Malicious Apps—With malicious applications for smartphones and tablets finding their way into legitimate app stores, security on the app stores will continue to improve. Google Play recently added code (though not in use yet) that scans its marketplace for malware and retroactively scans personal devices for malicious apps that could have been installed. If proven effective, this security measure will serve as a great leap in mobile security.
- The Digital Wallet—Virtual wallets like Google Wallet and Apple’s Passbook offer users the ability to store their credit cards, coupons, and just about whatever else they desire in the cloud. Shoppers simply need to tap their phones at the register to make a purchase. So instead of slipping a traditional keylogger onto laptops and waiting for victims to enter account information, cybercriminals might now become digital pickpockets going straight for the digital wallet.
- Cyber Warfare—Cyber-attacks against governments and infrastructure have become a popular means of tactical warfare in the past couple of years. Moving forward, we may witness cyber-attacks against communications or utility entities just moments before ground troops roll into new theaters of war. Until then, expect to see more of the small, targeted attacks.
- Hacktivism— Hacktivist groups thrive on publicity and the media is definitely giving them play. Expect to see more hacktivism in the months ahead.
- Increase in Wire Transfer Fraud—A new botnet related to wire transfer fraud, Gozi, will be on the scene shortly. Gozi is feature-rich and professionally coded according to its creator, vor Vzakone, who offered a free test drive to those who can prove they’re in the same business and on the same side. Wire fraud is a frequent occurrence for financial institutions, and the ability to automate it on a botnet level could become a big deal. Expect to see these attacks over the next year, as well as other malware authors utilizing Gozi-like functionality.
Of course, 2012 saw a continuing onslaught of traditional email spam, still the workhorse of the black hats. To illustrate, AppRiver quarantined more than 630 million messages carrying email-borne viruses last year and processed 26.6 billion messages of which 22.9 billion were spam. And, 2013 promises more of the same, along with some extras to keep us guessing.
About the Author
Joel Smith co-founded AppRiver with CEO Michael Murdoch in 2002, bringing with him more than a decade of experience in the technology sector where he focused primarily on network security and e-mail efficiency. Since AppRiver’s inception, Smith has made it a priority to create and deliver mission-critical applications via a SaaS model. Working alongside a creative 25-person R&D staff, Smith has led the charge to bring secure messaging and Web solutions to more than 45,000 customers worldwide. Since AppRiver’s earliest days, Smith has played an integral part in the cloud computing revolution. Businesses are always on the lookout for ways to operate more efficiently with a secure infrastructure they can rely on since e-mail and Web security threats continue to evolve and develop on a daily basis. With AppRiver, any business is granted access to enterprise-grade applications for a fixed cost per employee per year, which is usually a fraction of the traditional in-house IT costs. The ability to adopt on-demand services on a pay-as-you-go basis gives each AppRiver customer greater cost-controls and flexibility. Smith continues to successfully navigate his IT department through this “revolution” by offering innovative products and technologies. He pays close attention to customer feedback and network administrator needs, and by listening to his customers and analyzing the market, Smith develops forward-thinking technology projects that effectively meet today’s growing market demands. Prior to AppRiver, Smith launched Plugit.com, LLC, a successful hosting and Web application company in Pensacola, Florida. At Plugit.com, he architected a scalable and profitable hosting platform that supported a diverse mix of small, medium and large enterprise customers.
Smith studied business at the University of West Florida and completed his bachelor’s degree at Troy University. To learn more about Joel, visit him online at http://www.appriver.com
(Sources: CDM and AppRiver)