Cyber Threats Gaining Attention

Posted on Jan 06, 2012

If vendors and risk consultants are right, 2012 could be a dreadful year for cyber attacks.

Predicting the future used to be left to the likes of a Nostradamus or a caravan dweller using a set of Tarot cards, perhaps in conjunction with a crystal ball.

But with cyber security issues pushing their way more and more into the public consciousness, the number of vendors and companies that are sending out "worst of 2012" lists or "top 10 cyber security risks for 2012" seem to outnumber the amount of cyber risks themselves.

On Dec. 20, Tacoma, Washington-based Internet Identity, an Internet security service, came out with its list of top 2012 cyber fears. Chief among them was the warning that the 2012 Summer Olympics in London will serve as a platform for cyber attacks.

"Cyber criminals have gotten much smarter about capitalizing on current events to swindle victims," Rod Rasmussen, the president of the company, said in a press release.

Other events that could provoke phony email entreaties include the 2012 presidential election in the United States and the "End of Times," the Mayan calendar prophecy that the end of the world as we know it will come on Dec. 21, 2012.

Kroll, the international risk consultancy, is among a group of forecasters predicting that small businesses will increasingly fall victim to hackers. "Hacktevism", the branch of cyber terrorism aimed at wounding or bringing down large corporations or governments, will be augmented by attacks on small businesses, according to a Dec. 14 press release by the company.

With the cost of repairing the damage to a technology infrastructure sometimes running into the hundreds of thousands of dollars, small businesses are intensely vulnerable to cyber attacks. One, they may lack the resources to properly defend against cyber attacks, and secondly, just one such loss may represent a disproportionate percentage of a small company's annual revenue.

The company also thinks that mobile technology has spread so quickly that the ability of security measures to ward off attacks with so many mobile devices in use has been severely compromised.

"This unfortunate dynamic is no secret to thieves who are ready and waiting with highly targeted malware and attacks employing mobile applications," Kroll said in its release.

"Similarly, the perennial problem of lost and stolen devices will expand to include these new technologies and old ones that previously flew under the radar of cyber security planning," the company added.

Internet security provider McAfee also predicts that 2012 will see increases in financial cyber attacks by hackers who bypass personal computers and victimize those using mobile devices to access their personal or business bank accounts.

Companies that defend against an increasingly wider range of attack methods are developing business models that are devoted more and more to publicizing Internet security threats.

Hollywood, Fla.-based Prolexic Technologies on Dec. 29 issued a press release on measures it is taking to warn clients about Dirt Jumper, a high-risk distributed denial of service toolkit. According to Prolexic, the DirtJumper malware can be purchased online for as little as $150.

"The Dirt Jumper [distributed denial-of-service] toolkit is currently one of the most aggressive malware strains used by DDoS attackers globally," said Neal Quinn, a vice president of operations at Prolexic, in the company's Dec. 29 release.

The company predicts that the use of Dirt Jumper will spread in 2012.

January 3, 2012

By DAN REYNOLDS, senior editor of Risk & Insurance®

Copyright 2012© LRP Publications