In 2012, soldiers will be out of Iraq and will soon be leaving Afghanistan, but the security war in cyberspace is just gearing up.
According to a recent study from the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) entitled “Georgia Tech Emerging Cyber Threats Report for 2012”, there will be a raging battlefield on the Internet.
Bo Rotoloni, director of GTRI’s Cyber Technology and Information Security Laboratory (CTISL), knows these 2012 security dangers are real, not imagined:
“Our adversaries, whether motivated by monetary gain, political/social ideology, or other otherwise are becoming increasingly sophisticated and better funded…Acting as individuals or groups, these entities know no boundaries, making cyber security a global problem. We can no longer assume our data is safe sitting behind perimeter-protected networks. Attacks penetrate our systems through ubiquitous protocols, mobile devices and social engineering, circumventing the network perimeter. Our best defense on the growing cyber warfront is found in cooperative education and awareness, best-of-breed tools and robust policy developed collaboratively by industry, academia and government.”
One of the 2012 cyber threats is “Search Poisoning.” Cyber thugs will use SEO techniques to increase malicious links among search engine results. Unwitting users will be suckered into these clicking URL links because they rank high on search engines.
As smartphones become smarter and increasingly become our primary Internet gateway, this means increased “Mobile Web-based Attacks.” Cyber thugs will specifically attack mobile web browsers to create friction between security and usability. It may be difficult to solve mobile Web browser security flaws because of mobile device constraints such as their small screen size.
Cyber thugs will also make a pretty penny selling “Stolen Personal Data.” Botnets illegally capture private user information from social media networks. The illegally captured information is then legally sold to legitimate businesses to be used to generate leads for marketing purposes.
Last October, at the annual Georgia Tech Cyber Security Summit, IT security experts from around the world gathered to compare their 2012 predictions. They included GTRI’s in-house security experts and security experts from Reputation.com, Mobile Active Defense, the Financial Services Roundtable and Equifax.
GTISC’s Director Mustaque Ahamad summed up the importance of the Summit:
“We continue to witness cyber attacks of unprecedented sophistication & reach, demonstrating that malicious actors have the ability to compromise & control millions of computers that belong to governments, private enterprises & ordinary citizens…If we are going to prevent motivated adversaries from attacking our systems, stealing our data & harming our critical infrastructure, the broader community of security researchers – including academia, the private sector & government – must work together to understand emerging threats & to develop proactive security solutions to safeguard the Internet & physical infrastructure that relies on it.”