Mobile malware a major cybersecurity threat for 2013


McAfee released its annual 2013 Threat Predictions report on Dec. 27, based on the cybersecurity firm's analysis of data on malware, vulnerabilities and online threats in 2012. In the coming year, McAfee Labs expects that threats to mobile devices will become even more of a focus of cybercriminals, the influence of a major "hacktivist" group will decline, and large-scale attacks that attempt to destroy infrastructure will increase.

“Cybercriminals and hacktivists will strengthen and evolve the techniques and tools they use to assault our privacy, bank accounts, mobile devices, businesses, organizations and homes,” said Vincent Weafer, senior vice president of McAfee Labs in a statement accompanying the report.

McAfee Labs foresees the following trends for 2013.

Rapid evolution and growth in mobile malware
In 2012 McAfee Labs saw the number of mobile threats increase dramatically as "ransomware" expanded into mobile devices. The development and deployment of increasingly sophisticated ransomware technologies that will lock up a phone or tablet -- and threaten to keep it that way until a ransom is paid -- will be a prominent trend in 2013, according to the company.

"The harsh reality of these schemes is that users have no way of knowing if their device will be unlocked even if they do meet the perpetrator’s demands. Since attackers hijack the users’ ability to access data, victims will be faced with either losing their data or paying a ransom in the hope of regaining access," the report stated.

In addition, a new mobile worm will go on a major shopping spree in 2013. The Android/Marketpay.A Trojan horse program buys apps without user permission. In 2013 cybercriminals will take this malware’s app-buying payload and add it to a mobile worm so attackers won’t need victims to install a piece of malware, the report stated.

McAfee also warned that mobile phones with near field communication (NFC)-enabled “digital wallets” are an easy target for cyber-thieves. Attackers will create mobile worms with NFC capabilities to steal money via the “bump-and-infect” method, most commonly used in areas with dense populations like airports and malls.

The decline of Anonymous
Due to many uncoordinated and unclear operations and false claims, the Anonymous hacktivist movement will slow down in 2013, according to McAfee. Anonymous’ level of technical sophistication has stagnated and its tactics are better understood by its potential victims, and, as such, the group’s level of success will decline, McAfee predicted. While hacktivist attacks won’t end in 2013, if ever, they are expected to decline in number and sophistication.

At the same time, nation states and armies will be more frequent actors and victims of cyberthreats, the report said. Patriot groups self-organized into cyberarmies have had little impact up until this point, but their actions will improve in sophistication and aggressiveness. In 2013, McAfee predicted, many more of the world’s military units will be on the front line of social networks communicating more frequently. State-related threats will increase and make the headlines while suspicions about government-sponsored attacks will grow, the report added.

The rise of large-scale attacks
Recently, McAfee Labs has seen several attacks in which the only goal was to cause as much damage as possible -- a behavior expected to grow exponentially in 2013. If attackers can install destructive malware on a large number of machines, the result can be devastating, the report explained. To keep businesses running, production networks and control systems should remain separate from the normal network, to prevent it from getting hit in the first place, the company advised.

Click here to access a copy of the full report.