Growing Security Headache For Industrial Sector In 2012

McAfee researchers have been crystal ball watching to divine 2012’s security trends. Tom Jowitt investigates their findings

Intel’s security division McAfee has warned that more-sophisticated, well-organised industrial cyber-attacks will increase in frequency during 2012.

The prediction came in McAfee’s 2012 Threat Predictions report, which warned that high-profile industrial targets will be at risk, and that more hacktivist groups will emerge.

Areas Of Concern

So what should industry bosses be on the look out for in the year ahead?

It seems that likely industrial targets include mobile banking, “legal” spam and virtual currencies, to name but a few. McAfee also warned that while water, electricity, oil and gas are vital everyday resources, many industrial systems are not prepared for cyber-attacks.

“Many of the environments where SCADA [Supervisory Control and Data Acquisition] systems are deployed don’t have stringent security practices,” McAfee warned.

“Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011,” said Vincent Weafer, senior vice president of McAfee Labs. “Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime, we continue to see cyber criminals improving their toolkits and malware and are ready to make a significant impact in 2012.”

The security vendor also went on to predict that while spam volumes have decreased over the years, users will see an increase in legalised spam. This is where legitimate advertisers pick up spamming techniques, such as purchasing email lists of users who have “consented” to receive advertising, or purchasing customer databases from companies going out of business.

Mobile Banking

Another possible area of concern is tin the mobile sector, with attackers bypassing PCs altogether as people increasingly handle their banking on mobile devices.

“In 2012, McAfee Labs expects for mobile attackers to improve on their skill set and move toward mobile banking attacks. Techniques previously dedicated for online banking, such as stealing from victims while they are still logged on while making it appear that transactions are coming from the legitimate user, will now target mobile banking users,” it warned.

Other areas of concern include embedded systems (GPS devices, routers, digital cameras and printers). McAfee said it expects to see proof-of-concept codes exploiting embedded systems to become more effective in 2012.

The company also predicts that either the “true” Anonymous group will reinvent itself, or die out next year. It also expects a closer relationship to develop between physical demonstrators and online digital disruptors.

Virtual currency is another possible area of risk, with online “wallets” proving to be an attractive target for cyber criminals. The security vendor also pointed to the dangers from rogue certificates and DNSSEC (Domain Name System Security Extensions) attacks.

National cyber-attacks

Perhaps of greatest concern is McAfee’s belief that wholesale cyber-attacks against countries will become an increasing problem.

“Many countries realise the crippling potential of cyber-attacks against critical infrastructure, such as water, gas and power, and how difficult it is to defend against them,” the report said.

This comes after Kaspersky Labs warned that the Stuxnet virus which in 2010 damaged Iran’s nuclear programme, was probably one of at least five cyber weapons developed on a single platform.

Stuxnet has already been linked to another virus, the Duqu data-stealing Trojan. However, Kaspersky’s director of Global Research and Analysis Costin Raiu told Reuters that his team has gathered evidence that shows the same platform that was used to build Stuxnet and Duqu was also used to create at least three other pieces of malware.

Raiu said the platform is comprised of a group of compatible software modules designed to fit together, each with different functions. Its developers can build new cyber weapons by simply adding and removing modules.

“It’s like a Lego set. You can assemble the components into anything: a robot, or a house, or a tank,” he said.

Train Threats

The McAfee warning comes amid another warning about the hacking threat to trail networks,  because of a shift to new signalling technology. Professor Stefan Katzenbeisser of Technische Universität Darmstadt told a security conference in Berlin that the new signalling system was vulnerable to Denial of Service attacks.

“Trains could not crash, but services could be disrupted for quite some time,” he was quoted as saying in the Daily Telegraph, as he spoke at the Chaos Communication Congress.

In the UK, Network Rail is understood to be currently installing GSM-R across the British network. GSM-R apparently uses technical standards similar to 2G mobile networks.