With a new year ahead, security experts are positing that cyber-espionage will increase in 2012, and that the malware used for these purposes will become “increasingly sophisticated,” according to a report by IDG.net.
In the past two years alone, government agencies, Fortune 500 companies and other institutions have all had sensitive data stolen from them due to the increased malware-based attacks. Security professionals are warning more attacks are highly likely in 2012 and the years ahead.
Experts point to two recent, shockingly sophisticated (and possibly related) malware threats, Stuxnet and Duqu, as possible harbingers of things to come. Stuxnet’s “multipronged approach” and its use of vulnerabilities are believed to have set back Iran’s nuclear program by a few years, while Duqu acts as a Trojan that gathers information useful in attacking industrial control systems.
Despite the possibility of escalating cyberconflicts and retaliation, the report advices that companies and governments “should be more worried about cyber-espionage attacks that use simpler data exfiltration tools,” essentially “unsophisticated, yet effective, pieces of malware” known in the security industry as Advanced Persistent Threats (APTs).
The number of APT threats is also expected to increase in 2012, prompting industry professionals to recommend better employee training and more effective protection technologies. Regarding the more sophisticated malware like Stuxnet and Duqu, the report calls for more vigilance and a plan of action once a significantly sophisticated threat is recognized.