Following analysis of the key security incidents that shaped 2013, Kaspersky Lab’s experts have prepared their business, end-user and Internet forecasts for 2014. Not surprisingly, much of the forecasts are connected to the fallout from the Snowden revelations.
Cloud storage providers
Hackers are targeting cloud service employees, seeing them as the weakest link in the security chain. A successful attack targeted at employees of cloud storage providers could hand cybercriminals the keys to huge volumes of data. In addition to data theft, attackers may be interested in deleting or modifying information; especially in cases where manipulated misinformation could be worth even more to those who commission the attacks.
The theft of popular product sources amongst, for example, the gaming industry and mobile app developers, gives attackers an excellent opportunity to find vulnerabilities in the products and then to use them for their own fraudulent purposes. Additionally, if cybercriminals have access to the victim’s repositories, they can modify the program source code and embed backdoors into it.
Snowden’s leaks have demonstrated that one of the goals of cyber espionage between states is to provide economic aid to strategic companies. This factor has broken down ethical barriers which initially restrained businesses from using unconventional methods to compete with their rivals. Accordingly, we are likely to see companies employing cyber-mercenaries – organised groups of qualified hackers who can offer tailored cyber-espionage services.
World-wide Web Forecast
Alexander Gostev, Chief Security Expert for Kaspersky Lab’s Global Research & Analysis Team, notes that “Snowden’s revelations have intensified the demand for rules prohibiting the use of foreign services. These aspirations will grow ever stronger and legislative restrictions will inevitably transform into technical prohibitions. The next step will most likely be attempts to limit foreign access to data inside a country.”
Several countries have adopted or are planning to adopt legislation prohibiting the use of foreign services. In November, Germany announced that all communications between German authorities would be fully locked within the country. Brazil has also announced plans to build an alternative Internet channel so as not to use the one that goes through Florida (USA).
End User Forecast
Cyber criminals will target…
After the Snowden revelations of 2013, end users are becoming more active in seeking approaches to protecting the information stored on their computers and devices, as well as ensuring their online behavior remains confidential. This will lead to greater popularity for VPN services and Tor Anonymisers, as well as increased demand for local encryption tools.
In 2014, Kaspersky Lab experts expect cybercriminals to continue developing tools to steal cash – directly or indirectly. To plunder pockets directly, the fraudsters will further refine their tools designed to access the bank accounts of mobile device owners through mobile phishing and banking Trojans. Mobile botnets will be bought and sold and will also be used to distribute malicious attachments on behalf of third parties.
To support indirect thefts, it is likely that we will see more sophisticated versions of the Trojans which encrypt data on mobile devices; preventing access to photos, contacts and correspondence until a decryption fee is handed over. Android-based smartphones will no doubt be the first to be targeted.