What's the Point of Yearly Virus-Threat Predictions?
There's something about the unknown that turns people into wannabe prognosticators. If there's a prediction to be made, somebody will make it. So as we approach 2012, sportscasters are picking the Super Bowl winner and political pundits are scrambling to predict the Republican presidential nominee.
Not to be left out of the action, security vendors large and small have been putting together lists of 2012 threat predictions. And just as Christmas lists to Santa are dominated by the year's hottest toys and gadgets, the different threat predictions sound mostly the same.
Most security vendors predict social-media attacks and fraud will increase. Many foresee a successful attack on a power plant or water facility. Several mention that cybercriminals will increasingly target small and midsize businesses. And almost all see more attacks upon smartphone and tablet platforms.
Another year, same predictions
Let's face it: Those predictions are pretty easy to make, even for people who don't closely follow security trends. For example, smartphone and tablet use is exploding, so it would defy common sense not to predict mobile malware will rise in 2012.
Cybercriminals go where the bulk of the users are, and the end of 2011 was filled with news about malicious Android-based apps and vulnerabilities, possible attacks upon infrastructure facilities, and Facebook and Twitter scams. Those trends won't change just because the calendar flips from December to January.
So what else will happen in 2012? Well, the Tacoma, Wash., security firm Internet Identity predicts the Summer Olympic Games in London will be used to deceive people into opening malicious emails and going to malicious websites. Of course they will be just as the NCAA basketball tournament, the Democratic and Republican presidential conventions and every other major event in the coming year will be used as bait for similar schemes.
One could even go out on a limb and predict some major celebrity will get married or die and the news will be used to spread malware. Cybercriminals have been using stories of major events as a way to scam the general public for years.
Some predictions make more of an impression, however. Spain's Panda Labs, for instance, predicts a rise in Mac malware. In a press release, the company said: "As the market share of Mac users continues to grow, the number of threats will grow. Fortunately enough, it seems that Mac users are now more aware that Mac is not immune to malware attacks, and they are increasingly using antivirus programs, hindering cybercrooks. The number of malware specimens for Mac will continue to grow in 2012, although much less than for PCs."
Overall, that isn't a terribly bold prediction, but many Apple computer users kick and scream over the idea that their sacred Mac OS X could be hit with malware. So alerting them ahead of time may be a good idea.
Some predictions are based on the big news of the previous year. The biggest security stories of 2011 were the rise of "hacktivist" organizations such as Anonymous and the "advanced persistent threats " that broke through the network firewalls of some very large corporations.
Based on recent events, it isn't surprising that many threat-prediction lists would include more large-scale breaches and organized attacks. The Help Net Security blog adds an educated guess that, with the next major breach, corporations will get wise and change the way they deal with employee password protection.
True, it is a little easier to predict the future when you're basing it on what recently happened. But for a clearer vision of threats yet to come, the Ghost of Security Future needs to work a bit harder.
At the end of 2010, McAfee correctly predicted a rise in hacktivism for the coming year, but in general, nobody foresaw the massive Sony PlayStation Network data breach, the hack into the security-token supplier RSA, the subsequent data breach of the defense contractor Lockheed Martin, and so on. Nor were there predictions that 2011 would see forceful breakups of cybercrime rings and the takedown of several powerful botnets.
So are threat predictions really all that useful? Actually, they are.
Those on the front line of information security need to be proactive. They need to anticipate what could happen in order to protect not only computer networks but the millions of computer and smartphone users who aren't thinking about security at all.
For those who work in any capacity in the security industry, the annual threat predictions provide a basis for dialogue. The predictions also remind us that even though cybercriminals have been getting more sophisticated, they still depend on many tried-and-true methods to steal our personal and financial information.