Cyber-crime in 2012
Kaspersky predicts hacktivism will boom, cyber-warfare will grow
There will be five categories of key players at the top of the cyber-crime game in 2012, according to Costin Raiu, director, Global Research & Analysis, Kaspersky Lab.
At the top of the list of key players in the cyber-crime landscape, are hacktivist groups such as the Saudi and Israeli hacktivists.
"According to our research, the hacktivist groups are at the top, the best examples are the Israeli-Saudi hackers who are hacking each other for national pride reasons; the Anonymous group which will target pretty much anyone they think is worth their attention; the Lulzsec team; the poison team, there are quite a few hacktivist groups to be honest, they are not doing it for money or profit, but for fun and national pride," said Raiu.
The second group of key players is the big military superpowers, which are now using the internet to create a silent war.
"Big military superpowers have discovered the internet and the fact that they can not just fight each other on the internet, but can exploit the internet by doing a cold war silently with cloak and dagger activities, which at the moment, works well for some and not others," said Raiu.
Japan, a country not usually associated closely with cyber-crime activities, recently announced that they are developing a sophisticated virus which they will use, although they did not specify for what, according to Raiu.
The third group, according to Kapersky Lab's research is the big software companies such as Apple, Adobe and Microsoft, because they create the software which runs on all computers and they are the main target for hackers, because hackers need new zero-day exploits to break computers. Hackers can find new zero-day exploits by attacking the big software companies.
"The best example of such software companies is Adobe which was hacked in the Aurora attack. According to some information, the hackers got access to the source code for the Abode PDF reader and that can be used to find new zero-day exploits," said Raiu.
The fourth big player on the cyber-crime landscape is the security companies, because they provide the protection for the world's computers.
"The evolution of attacks in the future will follow the latest developments in security technologies," said Raiu.
The last category of key players is the traditional cyber-criminals and cyber-criminal gangs, Raiu said, which despite the arrest of some prominent gangs, are likely to continue to play a major role in cyber threats.
"Some of the gangs are getting arrested good - examples are the DNSChanger gang from Estonia, which was arrested by the FBI; the Zeus gang have been arrested in Ukraine by the FBI; recently the Koobface gang from St Petersburg were arrested. They created the first Facebook malware, they were recently exposed and their names made public, so now everyone is waiting for the Russian police to take them for prosecution. These groups are the major players, they will be here in 2012," said Raiu.
Raiu also predicted that in 2012, the first cyber-crime trend will be more hacktivist activity; groups hacking each other, hacking government websites and bringing down government websites. They will also expose confidential government information.
"The Indian hackers who broke into several Indian government institutions stole private documents which they made public, the main intent here is to get access to data and make it public, declassify information," he said.
The second trend will be more cyber-war in the Stuxnet and Duqu-style.
Raiu mentioned a Trojan called Lurid, which deviates from the cyber-war style slightly by focusing on different industry verticals.
According to Kaspersky Lab, usually the victims for these types of attacks are in the USA and they are oil and energy companies, but in the case of Lurid, the victims were mostly located in the former Soviet Union and they were companies involved in space travel, space research, energy and nuclear research, government institutions and political institutions.
The third trend is the further rise of cyber-criminal gangs, who will continue to steal money, steal credit cards and infect computers with scareware.
Raiu predicts that there will also be more zero-day attacks against the software companies and malware attacks on Google's Android OS for smartphones and tablets.
"Android has become the main target for malware authors. In November 2011, we received more Android malware than in the past six years for all smartphones, in just one month. It is exploding, criminals have found ways to make smartphone malware to work on Android," he said.