2012 has been a year which has seen big stories in the internet world in regards to security. It is easy and straightforward to point out to the big stories which have formed a talking point and which have demanded that a whole different kind of thinking and approaches made in the security industry. In fact to the cyber security world, 2012 has been the year of cyber warfare evident from the government sponsored attacks and malware. This year has also been the year for hacktivists who have attacked websites relentlessly.
The Flashback malware become very popular towards April when the damage it had done was eventually put bare. The number of the Macs infected with the malware was estimated at 700,000. It marked the first infection of the Mac and essentially the biggest to be seen thus far. The ramification of this malware were far reaching since the Mac was now vulnerable and this spelt a big source of concern for the faithful of the Apple brand. Security industry experts in finding answers on how the flashback malware was successful on the Mac OS X platform realized that the malware took advantage of Java vulnerability. It was able to spread and infect more Macs due to users of the Mac having not employed any security measures. It is now common sense that the major outbreaks are actually possible on the Mac platform.
Cyber espionage was in 2012 taken to a whole new different level. From April, cyber attacks were reported in the Middle East to the computer networks and systems of oil platforms. The wiper malware was responsible though it was never profiled since it was not found. But in finding answers to this, other sophisticated malware were unearthed; Flame and Gauss. Flame malware has eventually been declared a very complex malware capable of devastating attacks when deployed. The malware was deployed on Iran in the Middle East aimed at their nuclear enrichment program. The capabilities of Flame were immense and it is able to steal documents, intercept audio conversations, scan blue tooth devices, and take screenshots and corrupt databases. Flame has been closely linked to the Stuxnet malware and both are believed to be sponsored and developed by a government. It is even believed that Flame had been in existence for long before it was discovered. The malware was unique in that it was able to be deployed as a man in the middle and even affect patched Windows operating systems. Gauss was even more mysterious and its abilities as complex as with the flame malware. The deployment of these malware on the Middle East is the signaling of cyber warfare which will only be flaring up in the future as more nations join the cyber arms race.
Android threats in 2012 have increased remarkably and statistics show that android malware has increased six fold. This can be best explained as an explosion in the number of threats on the platform. The reasons behind the explosion in the number of android threats can first be based on the fact that the platform is open source and allows malware writers equal freedom as app developers in taking advantage of the platform. Another reason has to be the economic gain seeing that android has been very popular and there are large numbers of android users to be targeted. Industry experts expect the same trend to continue in the coming year.
The circus revolving around the DNSChanger malware and it eventually shutdown by the FBI deserves mention on the highlights of the security industry in 2012. When this identity theft infrastructure was taken over by the FBI, they gave time for victims of the malware to disinfect their systems. This was a trouble free incident and was a perfect example of what cooperation between the private sector companies, governments and law enforcement agencies could give birth to. Information sharing, cooperation and pooling of resources are vital ingredients if success is to be achieved in the fight against cyber crime.
Notable events in the cyber crime and security industry are Adobe certificate theft, Shamoon malware, the Mahdi incident, password leaks that happened with Dropbox, LinkedIn among others and the Java zero day vulnerabilities. All these were an awakening call to the security industry and showed that attacks will have no boundaries and can affect extremely large numbers of people. Hacktivists came and announced their presence and will be also a very big concern going forward. The actors have not changed much but the scope and the complexity of the attacks continue to grow and the source of concern.