Looking Back At 2011 And Bold Predictions for 2012 (Part 1)

In a turn of events appropriate for the most tumultuous year in cybercrime, 2011’s body is barely cold and we’re already smelling something suspicious from its decomposing carcass. Rumors of two worms, one well-known and the other relatively new on the scene, have some of us wondering what will happen next in 2012, and the year has only just begun. In an attempt to put the preceding year into perspective, we take a look at what might be in store for the new year and beyond with some bold and not so far-fetched predictions for 2012.

PREDICTION: A Shiny New Worm with Every Census Report, Tax Return and Piece of Monetary Currency

First up for 2012 is a prediction that all bets will be off when it comes to understanding the nature – and source – of some of the most insidious malware in the known universe. In fact, the threat and very nature of the state-sponsored malware will only get more confusing, and most likely more disturbing, as we discover where and how it’s being used.

Discovered in 2010, Stuxnet was in the news again in 2011. A worm designed to target and damage industrial control systems (like the kind found in nuclear plants), it has been a source of great debate over who created it and what its ultimate purpose represented; but few could argue that with more than forty percent of Stuxnet’s infections landing in Iran, the nation was most likely the target from the get-go. Russia and others wasted no time pointing the finger squarely at the United States and Israel as the benefactors of the worm, which surely must be state-sponsored.

It seemed inconceivable that anything could top the news that broke late in the year about Stuxnet’s connection to Conficker, suggesting that the latter, a notorious botnet, was used to deliver the payload for Stuxnet. If rumors are true that Stuxnet is state-sponsored, the implication that spam might have been part of the delivery method can and must only leave a bad taste in people’s mouths.

As 2011 wheezed out its last few painful breaths, however, a new development occurred in this bizarre tale: ongoing research by Kaspersky Lab on Stuxnet uncovered a direct link between Stuxnet and Duqu – a worm, discovered only in September, which shares many of the attributes of Stuxnet. In fact, media outlets are reporting that the worms are suggestive of an ‘arsenal’ of malware that has been in development since as early as 2007. The code kernel has been dubbed ‘Tilded’, in recognition of the author’s habit of using filenames that begin with ‘~d’.

The Prediction: Keep your eyes open for Tilded. We will continue to see new pieces of the puzzle unveiled, and they will point at the government of a country – or perhaps multiple countries working in concert – all but providing conclusive proof of the party (or parties) responsible for this new and nefarious form of warfare. What will make this story even more notorious, however, is when it becomes clear that an unsuspecting public has been a major delivery mechanism for this 21st century warfare, through the use of spam, malware, and botnets. And if that is true, it could very well be the case that some of those spammers you curse on a daily basis are actually nation states using spam to mask their cyber intelligence activities.

PREDICTION: The Cloud Will Get Stormy

While the Cloud was one of those recurring themes that flew, for the most part, under the radar in 2011, companies like Apple and Microsoft continued to push it as a silver bullet and a cure-all for everything that ails businesses, from small companies to major corporations.

The Prediction: 2012 will see at least three Cloud-based security events, most likely linked in some way to spam, malware, hack attacks or compromised mobile devices. Furthermore, they will be high profile events, targeting Fortune 1000 or Global 1000 companies, or less likely a government agency. Anonymous will take credit for at least one of the breaches, and there will be a link with one of the breaches to North Korea and/or China.

Next week, in Part 2 of this story, we’ll take a look at some other bold and controversial predictions for 2012, and how we can learn something from 2011 – but only if we’re ready and willing to listen to it.

Written by Malcolm James

  1. Harry Belaude · January 5, 2012

    Interesting predictions, and while certainly bold, I suppose it’s the nature of spam and malware that I see the odds of all these things happening as pretty dang high.

    I would love for none of them to be true, personally, as I would think 2012 would be a great year if the only news about spam and malware was how it was getting beaten and phased out, but I guess that makes me an optimist.

  2. Malcolm James · January 5, 2012

    @Harry, nothing wrong with being an optimist, and here’s hoping your wishes for 2012 come true!

  3. Danny Huston · January 7, 2012

    My prediction is that cloud computing and all other cloud-based and cloud-powered programs will be more dynamic and powerful this year. 2011 has been the year of the cloud, and more so will 2012 be.

    In the next five years, cloud computing will be more affordable, so that even small and medium businesses can have their own systems and implement most of the cloud’s platforms.

    Of course, with the cloud’s popularity also comes the rise of spam, hacks, and other types of malicious online activities.

  4. Anderson N. · January 8, 2012

    @Danny Huston
    I beg to disagree with your statement, Danny. Cloud computing still has to prove many things to business owners, especially in the areas of security and stability. I own a small IT business, and some of my colleagues (who also own small tech-based enterprises) are hesitant to migrate fully to the cloud because of several security issues.

    The bandwagon thing (organizations joining the trend of shifting their platforms to the cloud) is a myth created by cloud providers to up their sales and manipulate the public.

  5. Hugh Robertson · January 9, 2012

    Spam will definitely continue to rise this year, especially on several social media platforms. I predict Facebook, Twitter, Google+, and all other major social media will have tough times fighting off spam and phishing attacks – not to mention the hacking of users’ accounts as well. And speaking of hacks, this malicious activity will become cloud computing’s major issue in 2012 and beyond. Anonymous will change its name and become a more formal group. It will also have a stronger presence somewhere in Asia and the developing countries.
