Trusteer Predicts a Growth in Cybercrime
Trusteer, a provider of cybercrime prevention solutions, released Tuesday what it predicts will be the five leading cybercrime trends in 2012 based on intelligence gathered by its research organization.
Prediction 1: 2012 will see new multipurpose, multi-functional malware. Trusteer predicts that malware originally designed for one purpose will evolve to pose a new threat with a malicious undertone. Non-financial viruses will morph into financial malware and be used to commit online banking fraud. Conversely, existing financial malware will adopt features introduced in non-financial advanced persistent threat (APT) attacks. Over the next 12 months, perimeters will face an onslaught from various sources: viruses going financial, and APT-style technologies appearing in ZeuS code derivatives manipulated by new coders and in other commercially available malware kits.
Prediction 2: We’re on the verge of malware globalization. Next year, cybercrime software developers will realize their dreams of global domination as Trusteer expects to see widespread resale and repackaging of malware. This means code originally designed to target one specific geographical location will be adopted and translated to target other regions or even countries. As a result, terms such as “regional malware” and even “malware free countries” will cease to exist as everyone, regardless of where they are, comes under attack from cybercrime.
Prediction 3: Cyber criminals will up their game and improve evasion techniques. Ultimately, a cyber criminal’s focus is on infecting the user’s PC and remaining undetected for as long as possible. It makes sense, therefore, that they will continue to improve their evasion techniques to hide the rogue program or make it mimic another program. But be warned: where evasion techniques are unsuccessful, fraudsters will resort to developing malware designed to attack and destroy existing protection, on the premise that the organization and its users may not notice they’re vulnerable to attack.
Prediction 4: Personal information disclosed on social networks will be used in social engineering attacks against the enterprise. Fraudsters, all too aware of the valuable intelligence freely available on social networks, are starting to mine these data sources to capture the personal details needed to successfully complete social engineering attacks. Trusteer predicts this will manifest itself over the coming year as an enterprise issue. As a crude example, if an enterprise uses a secret question for password retrieval, it’s feasible that an individual’s answers could be researched via the net, the password reset, and the legitimate account then used to compromise the organization.
Prediction 5: The move to SaaS will allow malware attacks on enterprise applications. Many organizations, in an effort to reduce the cost of enterprise applications, have moved to SaaS. However, as part of this process, many have outsourced services to external websites without first carefully considering the security risks this presents. While the damage that can be done has not yet been evident, Trusteer’s prediction is that it will become apparent over the next 12 months. Its belief is that many organizations will spend 2012 fighting fires, backtracking and perhaps having to withdraw these services.
“Cyber criminals are successfully defeating security controls across the globe and in all industries. They have moved from the shotgun approach to a marksman’s methodology, becoming focused on the institutions they target,” said Amit Klein, CTO for Trusteer. “More organized than ever before, cyber criminals now study their prey and learn their security controls so they can bypass them and commit fraud.”
Key principles in fighting 2012 cybercrime
Searching for security solutions that can turn the tables on cyber criminals and maintain the upper hand requires a closer look at the shared attack vectors of successful cybercrime schemes.
First, malware residing on the machine abuses the trust a user places in the browser and the rendered site, through which fraudsters can initiate an endless number of social engineering attack variations. Second, malware that has free access to application and system resources will eventually leverage technology and social engineering to penetrate any security control.