Imperva has released some interesting predictions for 2013

Dec 21, 2012 22:51 GMT  ·  By

Imperva has released its set of predictions for 2013 and, according to their studies, the number one trend is that “government malware goes commercial.”

Experts believe that just as the technological advancements in military aircraft have influenced commercial aviation, the techniques used in state-sponsored attacks will have a similar impact on modern malware.

“Technologies previously attributed to “state sponsored” attacks are going to become commercialized (or commoditized), further blurring the difference between Cyber Crime and Cyber War,” Imperva noted in its latest report.

Furthermore, “compromised insider” threats – represented by devices affected by modern malware – will become a greater risk factor than malicious insiders.

After monitoring a number of botnets in 2012, researchers have been able to determine the changes we'll likely see in the infection methods.

In the future, cybercrimnals will probably rely on a larger number of hosts that contain more sophisticated malware. They will also make their command and control (C&C) infrastructures larger and more robust.

In one instance, experts noticed that a botnet utilized by a cybercriminal organization to target personal banking accounts could be used to target enterprise systems just as efficiently.

The technologies deployed in existent commercial banking malware can be seamlessly integrated into an operation that targets cloud enterprise data.

With more and more organizations relying on a mobile workforce, cloud enterprise data has become more susceptible to compromise.

“Attackers have always followed the path of least resistance. Considering that antivirus has not been effective in preventing infections from modern malware, this trend should surprise no one. Enterprises who fail to adopt a data or file-centric security approach will be caught with their pants down,” the company explained.

“Investing in the right ‘ears and eyes’ to monitor the access of servers, databases and files, to make the detection of such attacks easier.”