Foreign Policy
Posted By John Reed
Happy almost 2013. IT security firm McAfee has just released a report on what it thinks will be the biggest trends in cyber for the new year. The report list several broad trends that we’ll mention here, as well as a number of specific threats to operating systems such as Windows 8, OS X, and mobile software like Google’s Android OS.
Perhaps most important from a national security standpoint is McAfee’s prediction — echoing that of the Pentagon — that destructive cyberattacks along the lines of Stuxnet will increase in 2013.
Keep in mind that in 2012, we saw the U.S. government acknowledge that U.S. energy companies have been penetrated by hackers who may be trying to access the software that controls things like power turbines — a possible precursor to a destructive attack against the U.S. power system. We also saw the Shamoon virus destroy 30,000 computers belonging to Saudi Arabia’s Aramco oil company, an episode that Defense Secretary Leon Panetta called one of the most destructive cyber attacks to date. Whether released by nations or hacktivist groups, attacks seeking to destroy the victim’s networks and physical infrastructure will grow, McAfee predicts.
“Destructive payloads in malware have become rare because attackers prefer to take control of their victims’ computers for financial gain or to steal intellectual property. Recently, however, we have seen several attacks-some apparently targeted, others implemented as worms-in which the only goal was to cause as much damage as possible. We expect this malicious behavior to grow in 2013.” the report reads. “The worrying fact is that companies appear to be rather vulnerable to such attacks. As with distributed denial of service (DDoS) attacks, the technical bar for the hackers to hurdle is rather low. If attackers can install destructive malware on a large number of machines, then the result can be devastating.”
Who is going to be behind these attacks? Militaries will play an increasingly public role.
“State-related threats will increase and make the headlines,” the report warns. “Suspicions about government-sponsored attacks will grow. Using zero-day vulnerabilities and sophistical malware, some of these attacks may be considered advanced persistent threats [meaning they will use ever-evolving techniques to constantly nibble at public and private networks], while others will involve conventional malware.”
Oh, and don’t forget the possibility of terrorists trying to do a combination physical and cyber attack. “If a group can remotely disrupt a critical infrastructure, such as a defense or communications system, a conventional attack could more easily cause more damage,” according to the report. “We have no evidence that such a terrorist event will occur in 2013, but today our fears of one are not just fantasy.”
McAfee also foresees the rise of more ideologically driven hacker collectives. Some may coalesce to help overthrow Middle East dictators by providing dissidents with secure communications software, while other sometimes independent “patriotic” or ideological groups may execute cyberattacks against countries or organizations they disagree with.
“Patriot groups self-organized into cyberarmies and spreading their extremist views will flourish,” states McAfee. “Up to now their efforts have had little impact (generally defacement of websites or DDoS for a very short period), but their actions will improve in sophistication and aggressiveness. They will fight among themselves, certainly, but their favorite targets will be our democratic societies each time we denounce the extremist governments they support.”
All of these groups will be aided by the rise of what one DoD cyber official told Killer Apps worries him the most: the ever-expanding black market for malware and hackers for hire, or hacking as a service (HAAS), as McAfee puts it, in a play on the term for the software as a service (SAAS) business model. McAfee worries that the hacker black market is evolving from groups of loosely organized forums (basically online hacker bazaars) filled with hackers of all skill levels toward cadres of professionally organized hackers running online businesses providing all sorts of malware to customers.
“Online sales sites modeled on legal trade activities will grow in 2013,” according to McAfee. “On these sites, buyers can make their choices at the click of a mouse, use an anonymous online payment method (such as Liberty Reserve), and receive their purchases without any negotiations or direct contact with the seller. More secure and anonymous, these offers will be easier to find on the Internet. They will also be more diversified. We have already started to see high-level audit services and offers for project development for cybercriminals.”
The report goes on to list a number of specific bugs and software programs that will likely be major areas of malicious cyber activity in 2013. Click here to read it.
