The proliferation of mobile devices and the features that come with them have been life-changing. Ok, that might be an exaggeration, but it’s pretty neat that we can deposit a check from the click of a camera, book a hotel room from the tips of our fingers and call someone while watching a video. The capabilities of the Internet have no downside. Except for a little thing called cybercrime.
Symantec (News - Alert) is one of the world’s largest software companies, providing security, storage and systems management solutions to help customers secure and manage their information-driven world against more risks at more points. I had the chance to speak with Kevin Haley, a director with Symantec security response, about security predictions in 2013.
One of the first predictions the company made is that cyber conflict will become a norm. In 2013 and beyond, conflicts between nations, organizations and individuals will play a key role in the cyber world.
“Looking at it from a media standpoint, it’s almost like I have the expectation of if someone gets broken into, it’s really not news anymore because it’s something that happens so often,” said Haley. “We’ve certainly seen more of it this year and we’ve also seen an expansion into the types.”
Whether it’s government vs. government, other types of entities, or private citizens vs. companies, cyber conflict will become routine. Citizen activist groups can target a corporation they have an issue with and use it as a cyber protest, or a similar act of hacking purely to “send a message.”
“The expectation is that we’ll see more of that as more and more conflicts that are played out in real life actually start playing out on the Internet,” said Haley.
Image via Shutterstock
Ransomware is another prediction for the upcoming year. Cybercriminals have figured out a way to force computer users to hand over money.
“Instead of trying to fool you into thinking you have malware on your machine and pay these guys to get it off, the bad guys are actually going to take control of your computer and ask you to pay them off or give them a ransom in order to get access to your computer.”
Symantec recently published a whitepaper, “Ransomware: A Growing Menace,” that details the growth of this trend and how to mitigate strategies. Given the number of different gangs operating ransomware scams, the whitepaper estimates that more than $5 million dollars a year is being extorted from victims.
“We will start to see this go really mainstream and see a lot of new different versions of that,” said Haley. “The hyping up of the emotional stakes gets people very, very upset. Even worse, if you do pay the $200 to ransom, you are still unlikely to get your computer unlocked, because once they have your money they don’t care whether you get your computer back or not.”
Symantec’s first piece of advice? Never pay them. Symantec offers tools to get it off your machine. It’s better to have good security software so ransomware is less likely to happen in the first place, but there are tools to help find and get rid of it.
In the mobile space, downloading apps for free come at a cost. If you’re willing to download an app for free, you’re also willing to see some advertisements while playing a game or running an app.
“What the madware guys are doing is actually pushing the envelope on that. Advertisements will get put in your ringtone so you will hear an advertisement every time someone calls you up. Or into your message tray, so it will show up looking like a text message or some sort of notification from the phone even when you’re not using the application,” explained Haley. “And in fact, if this behavior annoys you and it’s not something you agreed to in, order to get the application you actually don’t even know that that’s where it’s coming from. So you can’t even identify what’s causing these ads to pop up on your phone.”
“We’ve seen an increase of the less popular apps as they do more and more to monetize their application,” Haley said. “They add more and more of these ad networks and they add very aggressive things like this to it. So this monetization of free apps is going to create a lot of craziness on people’s phones.”
The numbers of malware on mobile devices is dwarfed by the numbers on PCs, but the issue is still there and poised to grow.
“As more people move to the mobile devices and the cloud, the bad guys will be going there as well because they do follow people. We’ll see a dramatic increase in those numbers in mobile and in the cloud as we move into 2013.”
This includes the emerging bring your own device (BYOD) trend of using a single device for both personal and business use.
“What we’ll see is attackers who are trying to get in to steal corporate information using personal applications as a way to get in there,” explained Haley. “If I can hide inside a game application, get on the user’s phone and then when the user goes on the corporate network, I can pop off and see what I can steal. That sort of thing is inevitable. It’s really going to be important for IT to manage the devices and the applications to protect themselves against that.”
As cybercrime becomes more and more common, don’t make the mistake of thinking it can’t happen to you.
“The basic rules haven’t changed in terms of protecting yourself,” said Haley. “The message I would send is that it’s more important now than ever. We do surveys of small businesses and we find consistently that they don’t believe that anybody would target them for an attack. There are a lot of people that maybe are concerned about this sort of thing but are not taking steps to protect themselves.”
Edited by Rich Steeves