Smartphones and seemingly safe sites may be more vulnerable in 2012
Any organization that believes it has shuttered all of the back door channels that hackers used to breach millions of systems last year should double check the locks in 2012, according to security experts.
A cyberthreat forecast by Kaspersky Lab, a Moscow-based Internet security firm, warns there is little doubt the cloud-based storage hack that took down Sony's PlayStation Network for more than a month will spread beyond gaming companies.
Furthermore, the June hack of Citibank's database that stole information from more than 200,000 customers might not be an anomaly, the forecast said. And cyber weapons such as the Stuxnet worm that took down Iran's nuclear weapons program are expected to increase in numbers, even as hacks made in protest by so-called hacktivist organizations such as Anonymous will continue unabated.
Even as the report warns everyone to gird for the attacks that are all too familiar, it also outlines emerging threats to mobile phones and energy company infrastructure.
Tim Armstrong, a malware researcher who works out of Kaspersky's American headquarters in Woburn, Mass., said many new threats coming in 2012 are a result of hackers adjusting techniques used last year and taking advantage of fundamental flaws within systems that have yet to be addressed on an industrial scale.
"Some of these companies haven't had a security focus ever before, so the types of attacks will be a little more creative and systematic," he said.
He used an expected proliferation of mobile malware for Android smartphones as an example.
As Android devices have grown to become the most commonly used smartphone software platform on the planet, opportunities to create malware for the brand's wide-open apps market have grown proportionally.
Apps installed on Apple products that run iOS software currently see less malware than Android products because Apple approves its apps before they are sold and, simply, because there are so many Android apps on the market.
One of the most damaging malware programs used within Android apps last year was the SMS Trojan, malware that would secretly send multiple text messages from a compromised phone to a "premium rate SMS number," a dummy line set up to charge users each time it receives a message.
Hackers pay a percentage to the person who sets up the premium rate number and collect fees from the phony charges.
The practice surged overseas last year but failed to catch on in the United States due to billing cycles that made it difficult for hackers to collect fees.
However, Mr. Armstrong cautioned the hackers could find ways to manipulate American billing cycles or could use the same malware for a different purpose when breaching Americans' phones.
"A hacker can send an SMS message to a premium rate phone number, steal information to identify you as a unique user and use GPS to track down your area to track where in the world they're most successful," he said.
San Francisco-based smartphone security company Lookout Mobile Security identified malware called GG Tracker last year as the first mobile malware that steals from users in the United States.
The company's 2012 Mobile Malware Predictions said the likelihood of an Android user encountering mobile malware has risen from 1 percent at the start of last year to 4 percent as of December.
The report also predicted mobile phones will be infected with malware that attaches users to a botnet, a network of compromised systems working under a single server.
Derick Halliday, Lookout's senior product manager of security, said one of the biggest problems in securing smartphones is that new apps are created by the thousands every day, but new software updates that address security problems come along far less often.
"It's difficult to update software on mobile devices. As a result of that, there are a broad set of devices that exist at any given moment that don't have the most up-to-date software and have potential vulnerabilities," he said.
Mr. Halliday cautioned smartphone users to take extra caution with the apps they download, pay attention to the terms and conditions, and to avoid free apps for pirated games and pornography.
Smartphone security has the ability to affect privacy and pocketbooks, but Kaspersky's report warns targeted attacks on energy companies have the potential to affect everyone's safety.
The company predicted targeted attacks on "natural resource extraction, energy, transport, food and pharmaceutical industries" in the coming year and cautioned that many attacks will come as industry employees visit seemingly safe websites.
Mr. Armstrong noted some attacks could mimic the June 2010 Stuxnet cyber attack.
That worm infiltrated Iran's systems in a way that prevented engineers from seeing problems were present -- a technique that could have life-and-death consequences.
Art Manion, vulnerability analyst for the Computer Emergency Response Team program at Carnegie Mellon University's Software Engineering Institute, said many industries that have not attempted to secure their networks have little incentive to do so unless there are government or industry regulations or until they see a company in their field attacked.
When it comes to overall safety, Mr. Manion said everyone from individual smartphone users to individuals at the highest levels of private and public organizations must get serious about protecting themselves.
"All things become more complicated the more we're connected to networks. There's a huge security issue that comes with this," he said.
First Published January 5, 2012 12:00 am