Page 97 - CDM Cyber Warnings February 2014
P. 97
Introduction No doubt that the security scenario has been shocked by
Following the tradition I am imagining the evolution of the cyber revelations of Edward Snowden on the surveillance activities
security scenario for next year, it�s quite easy to predict an conducted by the United States, the former NSA intelligence
increase of the volume of cyber attacks conducted by state- consultant described a complex spying machine that is able to
sponsored actors and cyber criminals. track practically every internet user�s and that conduct an
aggressive cyber policy funded also on the �preventive � cyber
The current year has been characterized by the increase of the espionage on allies and hostile countries. Snowden� s truth has
number of cyber attacks, events such as the Adobe data breach profoundly changed the user�s perception of privacy and as we
remind us the necessity to carefully consider the impact of a will see it will have a serious impact also about the IT industry
security flaw on large audience. The cyber attacks are becoming in the next year.
even more sophisticated, but what is really scaring is that the
�economy� of the attacks is advantaging attackers, their Lets� give a look at principal trends expected for the next year.
investments respect the gained benefits are very limited
differently from the costs faced by companies to protect their Mobile Malware increase
infrastructure.
Following the trend observed this year the number of mobile
The cybercrime will intensify its action, in particular thanks to malware will continue to increase becoming even more
the model of sale known as �malware-as-a-service� a growing sophisticated. Multiplatform malicious code will target the most
number of non professional cyber criminals will be attracted by popular mobile OSs, Android, iOS and Windows Mobile. Mobile
the possibility to easily monetize their efforts with illegal cyber users are surpassing desktop ones the awareness of cyber threats
activities. is very poor, the majority of mobile users doesn�t adopt defensive
measures and wrong habits expose them to risks of cyber attacks.
Java will probably remain highly exploitable platform because A growing number malware specifically designed for mobile
the victim� s system will continue to run older versions of the architectures will be observed during the next year, the
popular framework. underground market will continue to propose software to
�trojanize� also legitimate application, due this reason it is
The offer of exploiting kits on the underground market will essential always refers the official stores.
grow exponentially, it is expected that new tools will be more
effective and user-friendly able to automatically compromise Mobile malware will further complicate the threat landscape
vulnerable systems based non only on Java application. especially for workspace, a growing number of devices will be
improperly used by their owners, the promiscuous use in private
It is easy to predict also an increase in the number of state life could enlarge in unpredictable way the surface of attack of
sponsored hacking campaigns for both sabotage and cyber businesses, that�s why BYOD paradigm will assume a crucial
espionage. role for private industries.
A last reflection on mobile malware is related to their extension
to Industrial Control Systems, and Internet of Things, a
concerning trend that will be consolidated in the next months.
State-sponsored hacking – the army race
The number of state-sponsored attacks is destined to rapidly
increase due the great effort spent by governments and the huge
investment in the development of new cyber capabilities. State-
sponsored attacks are characterized by a high level of
sophistication and the implementation of efficient avoidance
techniques, in the majority of cases attackers exploit zero-day
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 97
