McAffee: Destructive, Stuxnet-level cyber attacks will increase in 2013

"Patriot groups self-organized into cyberarmies... will flourish"

From John Reed, Killer Apps:  IT security firm McAfee has just released a report on what it thinks will be the biggest trends in cyber for the new year. . . .

Perhaps most important from a national security standpoint is McAfee’s prediction — echoing that of the Pentagon — that destructive cyberattacks along the lines of Stuxnet will increase in 2013. . . .

"Destructive payloads in malware have become rare because attackers prefer to take control of their victims’ computers for financial gain or to steal intellectual property. Recently, however, we have seen several attacks-some apparently targeted, others implemented as worms-in which the only goal was to cause as much damage as possible. We expect this malicious behavior to grow in 2013." the report reads. "The worrying fact is that companies appear to be rather vulnerable to such attacks. As with distributed denial of service (DDoS) attacks, the technical bar for the hackers to hurdle is rather low. If attackers can install destructive malware on a large number of machines, then the result can be devastating. . . ."

"Patriot groups self-organized into cyberarmies and spreading their extremist views will flourish," states McAfee. "Up to now their efforts have had little impact (generally defacement of websites or DDoS for a very short period), but their actions will improve in sophistication and aggressiveness. They will fight among themselves, certainly, but their favorite targets will be our democratic societies each time we denounce the extremist governments they support."

All of these groups will be aided by the rise of what one DoD cyber official told Killer Apps worries him the most: the ever-expanding black market for malware and hackers for hire, or hacking as a service (HAAS), as McAfee puts it, in a play on the term for the software as a service (SAAS) business model. McAfee worries that the hacker black market is evolving from groups of loosely organized forums (basically online hacker bazaars) filled with hackers of all skill levels toward cadres of professionally organized hackers running online businesses providing all sorts of malware to customers.

"Online sales sites modeled on legal trade activities will grow in 2013," according to McAfee. "On these sites, buyers can make their choices at the click of a mouse, use an anonymous online payment method (such as Liberty Reserve), and receive their purchases without any negotiations or direct contact with the seller. More secure and anonymous, these offers will be easier to find on the Internet. They will also be more diversified. We have already started to see high-level audit services and offers for project development for cybercriminals."   (graphic: Steve Caplin/Guardian)

Image: guardian%201%202%2013%20Cyber-war-bomb.jpg