BAE Systems Detica has listed its top 5 predictions for cyber security threats to be faced during 2013.
1 Further nation state cyber revelations - nation states gear up
An increasing number of nation states will have a credible level of cyber attack capability. For some this is a natural evolution of their military capability, for others it is part of the game of international espionage. Similarly, the actors behind these capabilities vary from the suited salesmen selling professionally developed toolkits like FinFisher, to hired hackers, complex networks of privateers and new cyber Armed Forces. The trail of digital breadcrumbs from cyber espionage has in the past revealed campaigns of ambition and scale which could only be conducted with nation state backing. Whilst it has been widely reported that Chinese and Russian threat actors regularly conduct cyber espionage against other nations’ businesses, we believe 2013 will contain further revelations showing other nation state actors are also actively involved in this kind of international espionage and cyber warfare activity.
2 Professionalisation of a cyber attack industry
2013 will also see the further maturing of a cyber attack industry, with clients paying cyber criminals for access to a company’s secrets, rather than paying simply for the technology. We anticipate that an entire, effective and efficient service industry will grow in this area, offering tailored attack and information exfiltration services to those that wish to make use of them. Services will be engaged anonymously, made to order, and the cyber goods delivered to the client’s door, without the need for clients to employ the technology themselves.
3 Increased attacks against the supply chain
As large organisations become aware of the threat they face, they consolidate and harden their defences, forcing adversaries to seek alternative routes in. One method of entry is by exploiting trusted relationships with third-party organisations such as partners and suppliers. We have noticed an increase in this style of attack in recent months from sophisticated actors, and predict this trend will continue in 2013.
4 Deployment of ‘adaptive security architectures’
Likely targets are starting to recognise the need to be able to alter their security stance in response to credible intelligence without crippling the business. In effect, they are building a ‘paranoia dial’ into their systems, one that allows them to turn the dial up in circumstances of high threat to reduce attack surfaces, move to more secure but limited configurations, move transactional processing from real time to batch and increase monitoring/response team availability. They will also require the consequent ability to turn the dial back down when the threat passes, to increase business agility and reduce costs. This is something starting to develop in a few very large systems likely to operate under high threat, but it will start to trickle down as the concepts are defined and documented.
5 Cyber crime becomes mobile-enabled
Until recently there were only a handful of major cyber crime malware families, such as Zeus and SpyEye. Leaks of source code from these highly effective data-stealers have led to mutant variants, each with its own features and customisations to make detection harder. This trend will likely continue in 2013, as budding authors learn from past examples, and then compete with each other to develop more advanced and resilient malware. Combined with this, instances of attacks on mobile devices are increasing rapidly – most apparently in regions which are hotbeds of other malicious cyber activity, such as Eastern Europe and the Far East. However, recent proof-of-concept attacks such as that against the Samsung Galaxy could quickly be turned into ‘in-the-wild’ attacks by incorporation into one of many cyber crime exploit kits. These exploit kits are becoming increasingly cross-platform and the leap to mobile devices could cause an avalanche of attacks in 2013.