The past 12 months were marked by major events in computer and network security. The Stuxnet worm demonstrated that malware could cripple an Iranian uranium enrichment plant, while managers of SCADA systems worldwide began to discover and patch unsuspected vulnerabilities. Security researchers scored success in taking the Coreflood and DNS Changer botnets offline, but the botnet threat remains high. Hackers from the Anonymous collective took major banks offline and threatened critical infrastructure installations. Mobile telephones emerged as tempting targets for intruders. Sophisticated, coordinated malware outbreaks spawned fears of government-sponsored cyber attacks.
Things couldn't get much worse, right? Well...maybe. For a preview of the year ahead, we consulted a senior analyst from FortiGuard Labs, whose research suggests that we will see eight major developments in computer and network security in 2012. Here is a quick overview of the trends:
Ransomware on mobile devices: Ransomware, an infection that takes control of a system until a ransom payment has been delivered, is a significant threat on laptops and desktop systems. The malware is poised to spread to smart phones and other mobile devices. Ransomware is typically bundled with social-engineering tricks to give hackers root access to infected devices, affording attackers more control and elevated privileges. Look for ransomware to begin infecting mobile devices this year.
Worms to target Android platform: Android systems have so far not suffered from many worms, which propagate quickly from one device to another. This is likely to change in 2012. Unlike previous malware targeting mobile devices, future outbreaks will likely come from poisoned SMS messages containing links to rogue applications, or through infected links on social networks such as Facebook and Twitter.
Polymorphic malware on Android: Malware targeting the Android platform continues to grow more sophisticated. During 2011, Android users suffered from attacks employing encryption, exploits, emulation detectors, and botnets. It is only a matter of time before this list includes polymorphic malware, which mutates over time. Polymorphic applications are extremely difficult to detect and destroy. So far, hackers have targeted only Windows-based mobile phones with polymorphic malware. As Android grows more powerful and more widely used, however, it becomes a more tempting target.
Progress against money launderers: For years, cybercriminal syndicates have conducted money laundering operations and committed fraud with relative impunity. It is very difficult, after all, to track funds that are routed through networks of mules and illegitimate payment processors. Anonymous fund-transfer services, human networks, and payment-processor safe havens have made money laundering pretty safe. That is about to change, however, as government gains access to more sophisticated technologies for tracking criminals and transactions. The recent arrest of ChronoPay CEO Pavel Vrublevsky, who is accused of hacking Aeroflot's website and preventing visitors from buying tickets, is a harbinger of prosecutions to come.