Predicting the future is one hazardous occupation (ask the Mayans), yet in the world of IT and technology, trends and habits have a tendency to repeat themselves year after year. In this post I look at some of the things that will most likely happen in 2013 – affecting both your users and the business.
- MySpace comeback
A recent study shows that MySpace is one of the poorest performing social media platforms of 2012; however, its latest site redesign and strategy could be enticing enough for netizens to give it a second (or third) chance. If MySpace becomes as buzzworthy as Google+ prior to its launch, we can expect criminals to take advantage of this. Expect an opening ploy such as bogus MySpace invites for this one.
- The debate on BYOD will go on
For some, BYOD (Bring Your Own Device) was already a reality even before the term was invented and security measures were instituted in the company. The policy seems bound to take hold as more and more people bring and use their own personal devices. Now that an increasing number of employees and enterprises are embracing it, serious security questions arise. As long as security remains an issue that is not addressed, BYOD will continue to be a hot topic of debate.
- Online criminals will continue to bait mobile users with fake apps
Regardless of the security measures in place, people are still finding bogus apps served on Google Play. It is now up to users to fend for themselves by checking and double-checking the credibility of the app creators.
- Phishing, other scams, hacking and malware will continue to target gamers
Gamers on any gaming platform (Steam, PC, PS2, Xbox, even social networking sites) have been subjected to phishing and malware attacks in the past. Whether gamers are entering their account credentials into sleek-looking bogus gaming sites they were redirected to from an email, or downloading a keygen for their games, the gaming industry is a market cybercriminals will not fail to exploit.
- Social media platforms will continue to be rife with web threats
Social media platforms like Facebook, Twitter, and Tumblr make it easy for anyone to share and see shared posts in real time. This, however, can also mean that what you’re sharing might lead someone to panic unnecessarily, click a link that will take them to fill in surveys, or download and install something to their system.
- There’s still that issue of passwords
It’s very alarming to see that bad passwords used a couple of years back are still being used now. As long as internet users continue to ignore the liabilities of recycling and reusing passwords, and of creating passwords that are too short and predictable, more accounts and sites will be in the hands of criminals.
- Compromising/defacing sites will remain a means to express online protest and “tough love”
This so-called “Hacking for a cause” will continue as a means to protest against an ideology, law, philosophy, etc.
- Vulnerabilities in third party software
Hackers will continue to target 3rd party programs, such as Adobe Flash, Oracle Java, and Adobe Acrobat for software vulnerabilities. They realize patching 3rd party applications is an area that many IT admins simply do not address. The solution to this would be to run a product that provides patch management for 3rd party applications, such as GFI LanGuard.
- Social engineering – you can’t patch people
Hackers will continue targeting employees, by sending them emails that look legitimate, in hopes that the user falls for their trap. These emails may contain malicious attachments or URLs that point to malicious websites. IT admins should ensure they have an antivirus solution installed on the server and endpoints, as well as have the ability to filter malicious URLs.
- Data loss
Nearly everyone at one point in their life has lost a mobile device, such as a smartphone. With the increase in employees following the “Bring Your Own Device” trend, IT admins need to know which devices are actually connected to their networks. They need to put policies in place that allow them to locate, lock, or wipe the device, and the employee needs to sign an agreement stating they approve of this. If the employee wants to connect their personal device to the corporate network, they have to agree to the terms set in place by the IT admin. If the admin has no way of tracking/wiping these devices, sensitive data may be lost, or put into the wrong hands.
- Data theft
Miscreants will continue targeting high profile companies, in hopes of gaining access to sensitive data. We have seen the Anonymous group in 2010-2012 breach several corporations and government entities, and believe they will continue to do so in 2013. Typically, they perform SQL injection (SQLi) attacks, which allow them to reveal sensitive data stored in databases. IT admins should not only perform 3rd party audits of their web servers, but also have a contingency plan, in the event something goes wrong.
- Mobile threats
Mobile threats will continue to escalate into a bigger problem for enterprises. Hackers realize that IT admins do not necessarily run an antivirus solution on their mobile endpoints, and as such, will target them. Malware is being created to steal data from Android devices. In order to keep this attack vector under control, corporations need to put security policies in place, which include installing an antivirus solution on mobile devices.
- Cloud-based storage services havoc
More and more enterprises will use cloud-based storage services to store corporate data to allow for easy access when users are mobile. This is a nightmare for IT administrators because they have no clue where the data is going. Cloud-based storage services can be installed on any machine or device and so data is also accessed in many ways. Admins will need to regulate and control how cloud-based storage services are used in a corporate environment. Cloud services may also bypass content checking features in antivirus and anti-spam products because data is not being sent by email.
Do you have any other predictions for 2013? Leave me a comment below!