The Internet continues to grow and offer new resources for enterprise and education, but the threats to the integrity of the network will only grow, warn researchers at Georgia Tech.
In the coming year, there will be increasingly sophisticated means to capture and exploit user data, as well as escalating battles over the control of online information that threatens to compromise content and erode public trust and privacy.
They are among the findings announced by the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) in this week's release of the Georgia Tech Emerging Cyber Threats Report for 2012.
According to the report, we'll be hearing more about “search poisoning” in the coming year. Attackers will increasingly use SEO techniques to optimize malicious links among search results. Users will be more likely to click on the malicious URL because it ranks highly on Google or other search engines.
Mobile web-based attacks will also become more numerous, according to the researchers. We can expect increased attacks aimed specifically against mobile Web browsers as the tension between usability and security, along with device constraints (including small screen size), make it difficult to solve mobile Web browser security flaws.
There will also be growing interaction between cyber criminals and legitimate businesses, especially when it comes to stolen data that has marketing value. The report notes that the market for stolen cyber data will continue to evolve as botnets capture private user information shared by social media platforms and sell it directly to legitimate business channels such as lead-generation and marketing.
“We continue to witness cyber attacks of unprecedented sophistication and reach, demonstrating that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises and ordinary citizens,” said Mustaque Ahamad, director of GTISC. “If we are going to prevent motivated adversaries from attacking our systems, stealing our data and harming our critical infrastructure, the broader community of security researchers—including academia, the private sector and government—must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.”
The take-home conclusion of the report is that businesses, governments and individuals can no longer assume their data is safe in perimeter-protected networks. Attacks penetrate these networks daily.
“Our best defense on the growing cyber warfront is found in cooperative education and awareness, best-of-breed tools and robust policy developed collaboratively by industry, academia and government,” Ahamad said.