Business security specialist WatchGuard announced its top security predictions for 2012, including a major breach of a top cloud provider, the rise of advanced malware attacks through virtual systems and mobile applications, and an increased reliance on virtualization, which will reawaken a need for virtual security.
WatchGuard suspects that malware will increasingly leverage geolocation to customize attacks, thus increasing its money-making potential. A simple technique already in use is to forward victims in specific locales to targeted fraud sites that work best in that region. The company anticipates hackers will find even more malicious ways to exploit geolocation in malware next year.
The report also predicts new Web technologies such as HTML5 will fuel the growth for next year's Web application attacks. Like the Web technologies that came before it, HTML5 is generally secure, and it introduces some security benefits that could help developers avoid common Web application pitfalls. However, the report cautions that the security of HTML5 applications is dependent on the skill and care with which the developers create them.
"HTML5 is new and complex. Developers are still getting comfortable with it, which means they are likely to make programming mistakes that could translate into web vulnerabilities," the report warns. "For this reason, WatchGuard predicts that the increased usage of HTML5 will heavily contribute to web applications attacks next year."
Two years ago, WatchGuard predicted that social networks would be a dangerous playground for attackers. Last year, the company predicted that Facebook links would take over where malicious email attachments left off. It also said to expect to see more Facebook security updates next year. In fact, in 2012 WatchGuard forecasts Facebook-based attacks will increase and Facebook will be forced to "sit up and take notice." Specifically, Facebook will implement new security solutions on its site to avoid losing fed-up users.
In 2012, WatchGuard forecasts that the mobile threat will continue to grow, but with a more specific source-app stores and marketplaces. To avoid mobile malware, the company recommends taking caution of what is downloaded from an app marketplace, and verify that the associated vendor does a solid job validating apps.
During 2011 attackers focused most of their malware delivery efforts on infecting various smartphone providers' application delivery systems, like Google's App Marketplace or Apple's App Store. They have been more successful at infecting some app stores than others, but have proved that all application repositories can be fallible, the report noted.
"2012 stands to be a dynamic year for network security as criminals and hackers take threats to new levels," said Eric Aarrestad, vice president at WatchGuard Technologies. "Given how new threats are constantly evolving, WatchGuard remains ever vigilant in staying one step ahead of these threats, which gives our customers unparalleled protection for their networks, applications and data."