With the new year only a few days old, one of the information technology industry’s biggest security firms is out with its annual predictions of the top cybersecurity threats for 2012.
David Marcus, director of security research with McAfee Labs and a principal co-author of the study, says threats against industrial and industry networks top the list. “A lot of people don’t realize that SCADA [supervisory control and data acquisition] and industrial systems are just as vulnerable to cyberattack as any other network,” he says.
“We tend to think that if anyone is going to target a system, it’s going to be water, electricity, oil and gas, because if you’re going to disrupt the population, that’s where you’re going to go. Those are very much networked technologies these days. Many are accessible via Web pages, and as such, many are waiting to be attacked.” Marcus adds that in recent years, cybersecurity experts have conducted a lot of research on how to identify these systems remotely and, as he puts it, “how to do a lot of malicious stuff.”
Last year, experts concerned about the vulnerability of the electrical grid and networks supporting the nation’s infrastructure suggested creating a separate, closed network isolated from the public Internet to secure these systems. But Marcus says that concept is untested, and he asks, “What we would do in the enterprise world is penetration testing, how does it fail, how does it perform against an attack?”
Another potential threat Marcus sees in the coming year is a rise in the activities of what he calls “hacktivists,” or those who engage in cyberattacks for reasons ranging from simple mischief to politics. Marcus says the rise in the activities of both Wikileaks and the activist group Anonymous last year suggests more hacktivism in 2012 as well.
“You can be PayPal, or you can be MasterCard, and find yourself in the crosshairs of a group like Anonymous or Lulzsec, and that’s a threat you’d better take seriously, because they’ve shown themselves to have a remarkably agile skill set. They can identify weak targets; they have a set of tools that can knock a website offline for a period of time that they can determine.”
Marcus also points out that 2012 is an election year, and he says cybersecurity experts need to be on the lookout for hacktivists seeking to make political points.
The McAfee report also spotlights 2012 as “The Year of Cyberwar,” but Marcus is quick to explain that he does not necessarily believe that a cyberwar is imminent. He makes the case that after years of “being walked on” when it comes to cyberattacks, the U.S. finally reacted last July when the Pentagon released its report on how it will treat cyberspace as an “operational domain.” Included in that report but not highlighted is the suggestion that Defense Department is preparing a doctrine outlining how the United States could retaliate for a cyberattack. And Marcus says it’s time for a public demonstration of what that might mean.
“It’s time to show that we also have sets of tools, we also have capabilities, we have the ability to defend ourselves. I think we’re going to see this push about being more public about capabilities, and I’m not so sure that’s a bad thing, and it has to be done in the correct way.“
Marcus says experts also expect cyberattacks on embedded systems that help a larger device to perform its function to grow in 2012. Last year, McAfee tracked such attacks through a wide variety of platforms in automotive systems, medical devices and utilities.
Finally, Marcus warns that virtual currencies, such as micropayment services like Bitcoin, are a possible target for a cyberattack in the coming year. But he sees a ray of hope in smartphones.
“One of the trends we’re starting to see, and it’s a very good trend, is that many banks and financial institutions are publishing their own dedicated financial banking apps. They allow the user to connect in a secure fashion through that app directly to the banking database. That’s a very secure way to use an application they provided in a sandbox that runs in a very secure way. That’s a very secure methodology.”
The entire McAfee 2012 Threats Predictions report is available online at www.mcafee.com/us/resources/reports/rp-threat-predictions-2012.pdf.