Symantec and Norton by Symantec announce predictions for 2013 cybersecurity and threats, which emphasize that the United Arab Emirates (UAE) continues to be a target for cybercrime attacks for businesses and individuals.
Last year the UAE was ranked as one of the most highly spammed countries worldwide – with a spam rate of 73%, according to Symantec’s 2011 Global Internet Security Threat Report, Volume 17. In addition, over the past six months the UAE has consistently had a higher percentage of inbound spam in comparison to the global monthly average, according to Symantec’s Monthly Intelligence Reports. The high-level of spam can be attributed to cyber criminals capitalizing on the rapid growth of internet penetration and pirated software making compromises more effective when successful.
Earlier this year, the findings of the Norton Cybercrime Report revealed that 1.5 million people fell victim to cybercrime in the UAE in the past twelve months, costing the country $422m (Dhs1.5bn) in direct financial losses. Cyber attacks are expected to be even more problematic due to an increase in new forms of cybercrime compared to last year, such as those found on social networks or mobile devices. In fact, in 2012 the UAE witnessed an overwhelming 46% of its social networking users falling victim to cybercrime on social media networking platforms, a high percentage compared to the global average of 39%.
“In 2013, we foresee a steady rise in targeted attacks towards governments, companies and individuals with financial and political motivation. In addition to traditional cybercrime, the UAE‘s high number of mobile devices per person creates a new avenue for increasingly sophisticated incidents,” said Justin Doo, cloud and security practices director for Middle East and North Africa, Symantec. “On a global scale, malicious cyber attacks rose by 81% in 2011 and as this trend continues, organizations in the Middle East need to be vigilant about protecting their information.”
Further Security Predictions for 2013:
• Increase in Cyber Conflicts
Conflicts between nations, organizations and individuals will play an integral role in the cyber world. Nations or organized groups of individuals will continue to use cyber tactics in an attempt to damage or destroy the secure information or funds of its targets. In 2013, we will see the cyber equivalent of saber rattling, where nation states, organizations, and even groups of individuals use cyber attacks to show their strength and “send a message.”
• Ransomware is the new Scareware
Fake antivirus has begun to fade as a criminal enterprise, and a new and harsher model has emerged: ransomware – which infects a computer system and restricts access until a ransom is paid to the creator of the malware. Ransomware goes beyond attempting to fool its victims; it attempts to intimidate and bully them. In 2013, attackers will use more professional ransom screens, up the emotional stakes to motivate their victims, and use methods that make it harder to recover data once compromised.
• Mobile Adware Exposed
Mobile adware, or “madware,” disrupts the user experience and can potentially expose location details, contact information, and device identifiers to cybercriminals. Madware—which sneaks onto a user device when they download an app—often sends pop-up alerts to the notification bar, adds icons, changes browser settings, and gathers personal information. In the past nine months, the number of apps including the most aggressive forms of madware has increased by 210%. Because location and device information can be legitimately collected by advertising networks, Symantec expects increased use in madware as more companies seek to drive revenue growth through mobile ads.
• Monetization of Social Networks Introduces New Dangers
As consumers, we place a high level of trust in social media—from the sharing of personal details, to spending money on game credits, to gifting items to friends. As these networks start to find new ways to monetize their platforms by allowing members to buy and send real gifts, the growing social spending trend also provides cybercriminals with new ways to lay the groundwork for attack. Symantec anticipates an increase in malware attacks that steal payment credentials in social networks and trick users into providing payment details, and other personal and potentially valuable information, to fake social networks.
• Attackers Will Shift to Mobile and Cloud
As unmanaged mobile devices continue to enter and exit corporate networks and pick up data that later tends to become stored in other clouds, there is increased risk of breaches and targeted attacks on mobile device data. Some mobile malware duplicates old threats, like stealing information from devices. But it also has created new twists on old malware. Today mobile malware sends premium text messages to accounts that bad guys can profit from. In 2013 you can be sure that mobile technology will continue to advance and thereby create new opportunities for cybercriminals.
In addition, the increase in mobile computing will strain the SSL mobile infrastructure in 2013 and reveal a core issue: Internet activity on mobile browsers is not subject to proper SSL certificate handling. To exacerbate the problem, much of this mobile Internet usage is being handled by unsecure mobile applications, which brings additional risk to the table, such as man-in-the-middle attacks.