Security Experts:

McAfee Unveils Threat Predictions for 2012

McAfee has come forward with its list of 2012 threat predictions, part of a longstanding tradition in the InfoSec community, which outline what it sees as the largest obstacles to personal and organizational security in the coming year.

McAfee Logo

“Many of the threats that will become prominent in 2012, have already been looming under the radar in 2011,” said Vincent Weafer, senior vice president of McAfee Labs.

“Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012.”

McAfee’s Top Threats to Watch for in 2012 include:

Industrial Attacks

Water, electricity, oil, and gas are essential to people’s everyday lives, yet many industrial systems are not prepared for cyberattacks. As with recent incidents directed at water utilities in the United States, attackers will continue to leverage this lack of preparedness, if only for blackmail or extortion in 2012.

Mobile Threats: Attackers will bypass PCs

In 2012, mobile attackers will improve on their skill set and move toward mobile banking attacks. McAfee Labs expects attackers will bypass PCs and go straight after mobile banking apps, as more and more users handle their finances on mobile devices.

Hacktivism

2012

Joining forces online and on the front lines McAfee Labs predicts that in 2012, either the “true” Anonymous group will reinvent itself, or die out. Additionally, those leading the digital disruptions will join forces with physical demonstrators, and will target public figures such as politicians, industry leaders, judges and law-enforcement, more than ever before.

Cyberwar: Flexing its muscles

Will 2012 be the year of Cyberwar, or merely a showcase of offensive cyberweapons and their potential? McAfee hopes it’s only the latter, but says the situation’s growth during recent years makes an eventual cyberwar nearly inevitable.

Countries are vulnerable due to massive dependence on computer systems and a cyberdefense that primarily defends only government and military networks. Many countries realize the crippling potential of cyberattacks against critical infrastructure, such as water, gas and power, and how difficult it is to defend against them. McAfee Labs expects to see countries demonstrate their cyberwar capabilities in 2012, in order to send a message.

Rogue Certificates

Untrustworthy and undetectable Organizations and individuals tend to trust digitally signed certificates, however, recent threats such as Stuxnet and Duqu used rogue certificates to evade detection. McAfee Labs expects to see the production and circulation of fake rogue certificates increase in 2012. Wide-scale targeting of certificate authorities and the broader use of fraudulent digital certificates will affect key infrastructure, secure browsing and transactions as well as host-based technologies such as whitelisting and application control.

Embedded Hardware: The Promised Land for sophisticated hackers

Embedded systems are designed for a specific control function within a larger system, and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras and printers. McAfee Labs expects to see proofs-of-concept codes exploiting embedded systems to become more effective in 2012 and beyond. This will require malware that attacks at the hardware layer, and will enable attacks to gain greater control and maintain long-term access to the system and its data. Sophisticated hackers will then have complete control over hardware.

Advances in Operating Systems Moves Hackers “Down and Out”

New security features baked into the core of the operating system will cause hackers to find alternate entryways: down into the hardware and out of the operating system.

Attacking hardware and firmware is not easy, but success allows attackers to create persistent malware in network cards, hard drives and even system BIOS (Basic Input Output System). McAfee Labs expects to see more effort put into hardware and firmware exploits and their related real-world attacks through 2012.

DNSSEC will Drive New Network Threat Vectors

DNSSEC was designed to protect name-resolution services from spoofing and cache poisoning by using a “web of trust” based on public-key cryptography to prevent a client computer from inadvertently communicating with a host as a result of a “man-in-the-middle” attack. Such an attack redirects the traffic from the intended server (Web page, email, etc.) to another server.

Unfortunately, DNSSEC would also protect from spoofing and redirection any attempts by authorities seeking to reroute Internet traffic destined to websites that are trafficking in illegal software or images. For a government to redirect traffic, it would need to be considered authoritative from the root-level domains, which is a level of trust that other governing bodies would hesitate to grant if they knew that the result would be the suppression of Internet content based on the opinions of foreign governments.

Governing bodies around the globe are taking greater interest in establishing “rules of the road” for Internet traffic, and McAfee Labs expects to see more and more instances in which future solutions are hampered by legislative issues. The result, McAfee says, is that the Internet of tomorrow will probably look like the Internet of yesterday for a longer time than the security industry would like to see.

For the curious, McAfee’s 2012 Threat Predictions report can be downloaded directly here

At SecurityWeek, we have put our own fortune-telling abilities to good use and pulled together five interesting predictions of our own with input from some of the security vendors.

Subscribe to the SecurityWeek Email Briefing
view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.
view counter