SEOUL, South Korea, January 9, 2012 /PRNewswire/ --
- Sophisticated advanced persistent threat (APT) attack routes top AhnLab's greatest threats for 2012
- Threats to smartphones, SNS and cloud-computing among most serious threats for 2012
AhnLab, Inc. (http://www.ahnlab.com), a leading provider of integrated security solutions, today announced the top 7 security threats for 2012. Among these threats, sophisticated APT (Advanced Persistent Threat) attack tops the list. The remaining 6 threats include: heightened threat-levels for smartphones; increasing security threat through SNS; localization of threats that exploit applications' vulnerabilities; increasing targeted threats for infrastructure system of specific country or industry; threats targeting cloud computing and virtualization environment; and finally, an increasing threat to the connected systems via network.
1) Evolving APT Attack
APT attacks targeting enterprises and organizations will continue in 2012, and the method to deliver the attack is expected to become increasingly sophisticated. Hitherto, the major attack route used for APT attack was sending a fake work email to specific members of enterprises or organizations targeted. The attackers collect email addresses and other information such as friends and personal network via SNS, then attach the malicious attachment with vulnerabilities or insert malicious URL to the fake email. In this case the attacker is impersonating somebody trusted by the target based on the information collected via SNS. Some attackers modified update files of the commercial software widely used by the business. In the future, an internal attack is expected to be increased, exploiting handheld device including smartphones that can easily be carried into an organization, or through the equipment or software of third party companies as it is often difficult for an organization to adequately supervise its security management.
2) Heightened threat-level for smartphones
In 2010, there was anticipation for possibilities of producing and distributing malicious applications that run on smartphones, especially on those based on the Android OS. In 2011, malicious applications were able to develop means for exploiting OS vulnerabilities and were massively produced. In 2012, the malicious applications are expected to be improved through the adoption of techniques used in the past for malware targeted on conventional PC software, leading to an increase in the infection efficiency for smartphones. Examples of such techniques include a stealth technique that hides malicious codes inside a smartphone, and acquiring super user authority exploiting the vulnerabilities of the mobile device's operating system.
Inducing users to download malware from a website through social engineering techniques, or by automatically infecting devices using the vulnerabilities of mobile web-browser are also expected to emerge as common attacks. There are likely to be malicious applications that target financial or credit card information from Internet banking or online commercial applications installed on smartphones.
3) Increasing security threat through SNS
As SNS becomes an increasingly popular channel for instant communications and information-sharing worldwide, cases that exploit it are also on the rise. As shortened-URLs do not provide the full form of the linked website's address, malware-distributing websites and phishing websites were increasingly distributed in the form of a shorten-URL. In 2012, such cases are expected to increasingly emerge, with SNS also being a potential intrusion route for an APT attack.
4) Localization of threats that exploits applications' vulnerabilities
In 2011, the number of cases of attacks against the vulnerabilities of widely used applications, such as operating systems, decreased, while the number of cases exploiting the vulnerability of applications used in a specific geographical locations showed increased. Typical examples include Hangul, the word processor program that widely used in South Korea, exploiting the vulnerability of the video player software, P2P and web storage programs. The infection technique used was in sending emails with files that contained vulnerabilities, or automatically infecting PCs through access to a website. This trend is expected to continue in 2012 and, furthermore, applications' vulnerabilities could also be exploited in various security threats, such as in an APT attack.
5) Increasing attacking attempts targeting infrastructure / industrial systems.
Whether for financial gain, or for political or religious reasons, the threat of attacks to the infrastructure and/or industrial systems of specific country is expected to increase. It is thought likely that this could expand into a fully-fledged cyber war between nations if a national institution is revealed as being directly or indirectly involved in such an attack. When an internal system is accidentally connected to the Internet or to an external system, owing to the negligence of the user involved, this can trigger an attack. Attacks are also likely to exploit the vulnerabilities of the specific software used in national industrial or institutional systems.
6) Threats to cloud-computing and the virtualization environment
Recently, a large number of enterprises have been adopting cloud services, based on virtualization technologies, as a business model. While offering the maximum utilization of resources, cloud services and virtualization technologies can be turned into a security threat, should their vulnerabilities become exploited. In fact, many security vulnerabilities were found in the widely adopted virtualization products in 2011. With these vulnerabilities, SpyEye code, which steals financial information, was distributed by exploiting the vulnerability of Amazon's cloud-service. AhnLab predicts that with the increase in cloud-computing and virtualization services, they will become the target of various types of malware.
7) Increasing threat to network-connected systems such as Smart TV
Security threats to 'smart devices', such as Smart TV and smartphone, which have embedded software to link a device to the network, are expected to increase. In particular, home appliances, which are widely used in daily life and, which usually have a long replacement cycle, are thought to possibly become exposed to persistent attacks. In one case from Japan, for example, an attack exploited a DVD recorder connected to the Internet. A hacker demonstrated that control of a specific system was possible externally by installing Linux on a Nintendo DS terminal at a security conference. As the embedded system designed for simple repetitive tasks have of late become increasingly linked to a network, the possibility of becoming a hacking target or a DDoS attack is also increased.
Furthermore, hacktivism, a social phenomenon through which a system is hacked or else a DDoS attack is attempted as a means of promoting particular political or social ends, is expected to emerge in 2012 as a widely reported issue, especially given the present global environment, with presidential elections forecast in South Korea, the US and Russia.
"As IT devices and the Internet environment improves, the techniques or distribution routes used by security threats is becoming increasingly complicated," emphasized Howoong Lee, director of ASEC (AhnLab Security Emergency Response Center). "Therefore, it is important to consider security when constructing infrastructure or in the development of a new device. Moreover, individual or enterprises and institutions should be sure to maintain information security awareness as part of their daily routine."
About AhnLab, Inc.
Headquartered in South-Korea, AhnLab, Inc. (KSE: 053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena since 1988, AhnLab's cutting edge products and services have been fulfilling the stringent security requirements of both enterprises and individual users. AhnLab's products and services include anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide.
SOURCE AhnLab, Inc.