CSO - With another New Year comes a "new" flurry of predictions across all industries. I say "new" because if we do some homework, we can see that many of these so-called "predictions" are actually spun off of technology trends over the past decade.
But no matter, humans are creatures of habit and thus we will perpetually create shiny new trends and predictions for consumers each year like clockwork. My take on the whole thing, as you have most likely already deduced, is that these pieces are actually not at all innovative, nor are they helpful. Many of them attempt to persuade readers to purchase a product -- usually a vendor-specific one -- to help users avoid said "threats" in the coming year.
Despite all of this, I have pulled together the predictions that will most likely be pushed upon the end user market as "terrifying threats" in 2013 -- along with tips to battle each one with your own common sense.
Frequent unwelcomed guests
If you leave the front door to your house wide open, chances are someone is going to walk in. Well, the same goes for your hardware (and always has).
The top party crasher to look for in 2013 will continue to be mobile malware. One of the developing ways for distribution of this attack is through app stores. Due to vendor-exclusive control over each individual app store, not all of them can staff enough personnel to personally gut each application for the store's own security standards. This means that the free, five-star app in the Apple App Store may contain malicious coding in the Google Play store, and so on.
Want to avoid letting this guest into your device? Read the reviews, pay attention to ratings and don't store pertinent information on your device.
The second unwelcomed guest to keep an eye out for is social media distributed attacks. The Skype-targeted attack Dorkbot opened eyes to this threat in 2012, when accounts were hacked to distribute a link that led to ransomware.
How can end users avoid this type of attack in 2013?! Simple -- stop clicking on spam-like links that your "friends" would not normally send out. Is the link from someone you barely know, or don't know at all? Great, you've touched on another tip -- stop following strangers on social networks just to boost your own numbers. One of them could be a cybercriminal in disguise, waiting for the right moment to wage war on your machine.
Modern ransom notes climb
It's not rocket science, people. The economy is doing poorly, no matter where you turn. Cybercriminals have found success issuing spam links that lock a user's system in exchange for ransom. Put two and two together, and you have it -- ransomware. Criminals are always going to find a way to make money, especially during economic downturns.
Want to protect yourself? Easy! Stop clicking!
What's that buzzing sound?
Is anyone else out there sick of seeing terms like "Advanced Persistent Threat" (APT), "hacktivism" and "BYOD"? So am I, but you can guess there's another flurry of buzzwords just around the corner. Each year, a new "hot" buzzword gives everyone something to clamor about -- vendors and journalists alike.
Let's call it like it is, shall we? BYOD, we're sick of you and you've been around since Y2K. APT, you sound really techy and important, but *most* of today's mass cyberthreats are in fact advanced and persistent. Finally, hacktivism -- you were created to justify a means to an end for hackers.
Marketers beware: We are onto you!
Government plays ball
Remember "Operation Olympic Games", the birth of Stuxnet from the United States and Israeli governments? So do I -- it happened in 2010, and still today we're seeing "innovative" predictions about government-sponsored malware. Is it legal? Well, that's something I'm not inclined to make a statement about, but this is certainly something that we should not be surprised to see more of in 2013. Not to worry -- unless you are a nuclear plant in a targeted country, your machine is safe from these attacks.
Each year predictions are made, and warnings issued. Yet, we still find ourselves surprised when attacked and more unprepared than we thought we were. It's time to apply the same logic we do in the real world when interacting virtually. In 2013, I urge everyone to think before they click; if something doesn't appear to be legitimate, it probably isn't.
Dominique Karg is co-founder and Chief Hacking Officer at AlienVault.