There are small groups of people across the globe who keep their antennae always open to gather info on those who want to create trouble in cyber space. Mr Michael Sentonas, Chief Technology Officer (Asia-Pacific region) of McAfee, leads one such entity.
Ask him, how he would describe the cyber space in 2011, he would term it ‘The Year of Hacker', marked by change, challenge, and chaos.
“With threats evolving in their sophistication, pervasiveness and frequency, the profile of a hacker also underwent a transformation owing to rise in cyber crime that were designed to go under the radar and steal sensitive data from individuals, businesses and governments,” he summarises the year of intense action against such cyber marauders.
Challenges ahead
Mr Sentonas and his ilk are wary that attacks could turn more sophisticated, organised and could have debilitating impact on governments, businesses and individuals.
Kaspersky, the Russian Internet security firm, warns of still more difficult cyber attacks in 2012. It predicts that hacktivist (hackers with activist zeal) will only increase their attacks on State agencies and businesses in the coming year.
“Not only will there be a dramatic increase in the number of targeted attacks on State institutions and large companies, it is also likely that a wider range of organisations will bear the brunt of the expected onslaught,” Mr Alexander Gostev, Chief Security Expert of Kaspersky Lab, says.
McAfee corroborates. “In addition to defacement (the primary activity of hacktivists) and distributed denial of service, these attackers utilised social media for newer avenues.”
Increased awareness on small mistakes too will make the lives of attackers difficult. Conventional methods of attacks that involve e-mail attachments with vulnerability exploits will gradually become less effective, while browser attacks will gain in popularity.
Mobile, new frontier
Kaspersky Lab feels that mobile malware market will continue to target Google Android. The emergence of the first mobile drive-by attacks and mobile botnets (where hackers make targeted devices their slaves) are expected in the New Year.
Mobile espionage will become widespread and will most probably include data theft from mobile phones and the tracking of people using their telephones and geo-location services.
“At the moment, the majority of incidents affect companies and state organisations involved in arms manufacturing, financial operations, or hi-tech and scientific research activities,” Mr Gostev said.
In 2012, companies in the natural resource extraction, energy, transport, food and pharmaceutical industries will be affected, as well as Internet services and information security companies.
Attacks could become more sophisticated that followed conviction of some members of hacktivist groups such as Anonymous and Lulzsec in mid 2011, McAfree observed.
While Anonymous responded to the arrests with a number of revenge attacks — including its OpPayPal, which is believed to have caused thousands of customers to close their PayPal accounts, the arrests are believed to have made LulzSec relatively inactive.
Camaraderie among hackers
Mr James Lyne, Director of Technology Strategy of Sophos, sees professionalisation of cyber attacks.
“Commercial tools are being shared among cybercriminals. These products and services simplify mass generation of new malicious code campaigns and exploits,” he said.
Sophos sees over 1.50 lakh new malware samples every day, up by 60 per cent over last year's figure.
It sees emergence of high-profile targeted attacks, including attacks by rumoured State-sponsored and corporate espionage hackers.