The year ahead will feature new and sophisticated means to capture and exploit user data, as well as escalating battles over the control of online information that threaten to compromise content and erode public trust and privacy.
Those are the findings cited by the Georgia Tech Information Security Center and the Georgia Tech Research Institute in their report, Georgia Tech Emerging Cyber Threats Report for 2012.
According to GTISC, GTRI and the experts cited in the report, specific threats to follow over the coming year include, among others:
- Search Poisoning – Attackers will increasingly use SEO (search engine optimization) techniques to optimize malicious links among search results, so that users are more likely to click on a URL because it ranks highly on Google or other search engines.
- Mobile Web-based Attacks – Expect increased attacks aimed specifically against mobile Web browsers as the tension between usability and security, along with device constraints (including small screen size), make it difficult to solve mobile Web browser security flaws.
- Stolen Cyber Data Use for Marketing – The market for stolen cyber data will continue to evolve as botnets capture private user information shared by social media platforms and sell it directly to legitimate business channels such as lead-generation and marketing.
“We continue to witness cyber attacks of unprecedented sophistication and reach, demonstrating that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises and ordinary citizens,” said Mustaque Ahamad, director of GTISC.
“If we are going to prevent motivated adversaries from attacking our systems, stealing our data and harming our critical infrastructure, the broader community of security researchers—including academia, the private sector and government—must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.”
The report was released at the annual Georgia Tech Cyber Security Summit. The summit was keynoted by Admiral William J. Fallon, U.S. Navy (retired) and included a panel of security experts from Equifax, The Financial Services Roundtable, Mobile Active Defense, Reputation.com and GTRI.
“Our adversaries, whether motivated by monetary gain, political/social ideology, or otherwise are becoming increasingly sophisticated and better funded,” said Bo Rotoloni, director of GTRI’s Cyber Technology and Information Security Laboratory. “Acting as individuals or groups, these entities know no boundaries, making cyber security a global problem. We can no longer assume our data is safe sitting behind perimeter-protected networks. Attacks penetrate our systems through ubiquitous protocols, mobile devices and social engineering, circumventing the network perimeter. Our best defense on the growing cyber war front is found in cooperative education and awareness, best-of-breed tools and robust policy developed collaboratively by industry, academia and government.”
The entire report is available at http://gtsecuritysummit.com/report.html.