The estimated reading time for this post is 4 minutes
The Wonder of Tech is honored to welcome guest author Dr. Rob D’Ovidio.
************************************
As the calendar turns over, many technology enthusiasts are left wondering what 2012 has in store for them in terms of new smartphones, tablets, computers, televisions, and online services. Consumers will spend countless hours playing with these new gadgets and online services that offer them alternatives for organizing and managing their lives, staying in touch with friends and family, entertainment, and shopping. If history serves as any guide, criminals too will spend many hours with these new devices and online services looking for ways to exploit the people who use them and the companies that manufacture and offer them.
Given the current technological landscape and the technologies on the immediate horizon, the following trends will top the list of computer security threats in 2012:
– Malware (i.e. spyware, viruses, worms, and Trojan horses) will increasingly target mobile devices and smart phones. The impetus behind this trend is standardization in the cell phone industry. Standardized cell phone operating systems and backwards-compatible hardware create a sizeable base of users for a particular device platform. Those people who write malware now only need to target one or two operating environments in order to infect tens of millions of cell phone users.
– Social media sites will increasingly be the launching point for phishing schemes (or spear phishing schemes) that open people up to fraud victimization. Social media users are more likely to fall victim to phishing schemes that are delivered through these services because of the assumed trust among members of a person’s network. Criminals tend to look to the new services that have the most users in order to maximize their potential targets among a user-base that is still getting accustomed to privacy and security controls. As such, look to see a rash of phishing and online fraud schemes launched through Facebook and Google+ in 2012.
– Video games and entertainment software will increasingly be targeted in attacks and suffer security vulnerabilities. The impetus behind this trend is that games are becoming more social and increasingly have in-game economies that support the purchasing and selling of virtual goods (e.g. swords in World of Warcraft and starships in Star Wars the Old Republic). The money and virtual goods within these video games can easily be traded for real-world currency. This makes gamers and the video game/console accounts, which are often connected to a credit card, attractive targets for online fraud and identity theft schemes. Fraud connected to entertainment software will begin to manifest itself with video games and video game companies being targeted by brand hijacking and phishing attacks.
– We will see a record number of attacks against cloud storage providers. The lure of being able to access your documents, productivity applications, pictures, financial management software, music, and movies across multiple computing devices from anyplace with network connectivity is driving the widespread adoption of cloud services among consumers and business. Consumers and business are, thus, increasingly turning to the cloud to store digital data remotely instead of storing them on desktop computers, laptops, and local servers. Targeting a single cloud service offers criminals the opportunity to gain access to sensitive files that belong to millions of users instead of targeting the local computing infrastructure of individual users or companies separately.
– Consumer privacy vulnerabilities pertaining to geographic location data will increase. Data on the whereabouts of cell phone users is tremendously valuable to advertisers who look to offer customers a better way to qualify sales leads. As such, the travels of cell phone users are increasingly being tracked with and without their consent. To reduce the risk of geographic data being misused, users need to be vigilant in reading the licensing agreements for their cell phone services and apps so they know if their location is being tracked, how location data are used, and who location data is shared with.
– Governments will increase their offensive cyber warfare capacity. The reliance of our financial, energy, transportation, water, agriculture, communication, healthcare, government, and emergency services sectors on computers has made their respective infrastructures particularly vulnerable to people with advanced knowledge of computing and networking technologies. Smaller governments know that it is much cheaper to cause widespread damage to critical infrastructure using cyber warfare techniques than it is using conventional military tactics. As well, it is much easier for smaller nations to compete with the United States and other Western nations in developing offensive cyber weapons than it is to complete with them in developing conventional weaponry.
* Dr. Rob D’Ovidio is an Associate Professor of Criminal Justice at Drexel University, where he teaches and conducts research on computer crime. He can be reached at [email protected].
*****************************************
Are you concerned about cybercrime? Have you taken extra steps to protect yourself online? Let us know in the Comments section below.
* Phishing image by Widjaya Ivan
** Computer image by University of Maryland
Hi Carolyn!
I have a question that is somewhat related to the topic at hand. We gave our son a Kindle Fire for Christmas and he has been bringing it to school because teachers occasionally provide opportunity for reading. We are worried that it could be stolen. It is password protected, so no one else would be able to use it. But thieves would not necessarily know that, so even if they discover that they can’t use it, it’s unlikely they’d return it. Is there an app or another way we could track a Kindle Fire if it were to disappear? (Sorry if you’ve already addressed this issue. Missed a couple of your blogs over the holidays.) Thanks!
Hi Kathy, Great question. Because the Kindle Fire does not have GPS capabilities, there is no way to track its location. But the good news is that if your son’s Kindle Fire were stolen, you could contact Amazon and they would disable the Fire so the thief couldn’t use it. You can also get the serial number for your son’s Fire at http://www.amazon.com/myk and report that number to the police. That way if the Fire were ever recovered, you could prove it was owned by your son.
Here is a helpful discussion on the topic at Amazon: http://www.amazon.com/forum/kindle?_encoding=UTF8&cdForum=Fx1D7SY3BVSESG&cdThread=Tx3DH1BALW1A2KB
Stay tuned to The Wonder of Tech, I will be writing about finding lost smartphones soon!
Dr. Rob has brought out the most unthinkable and probably the most dangerous aspects of cyber crime that we can expect in the coming days. I am sure he has done a lot of research in the field and all that is reflected in his post.
I am damn certain we should be extra careful in sharing information online as well as any smart gadgets in future. If there are people who are smart enough to design such awesome stuff, there are people who can hack into them and make it insecure.
Thanks for sharing this Carolyn.
Hi Praveen, Yes, Rob is an expert in the field of criminal justice and I am thrilled to have him as a guest author here at The Wonder of Tech.
You’re right, we have to be very careful with our online security, but we can’t do it alone. Law enforcement needs to crack down on hackers as they do with thieves in the real world.
If a store or a bank can be built in the real world, then thieves can break in. No door lock or security system is impenetrable. If someone really wanted to break into your car or your home, they could. You can have deadbolts and an alarm, but break-ins still happen.
As law enforcement becomes more effective in catching online criminals, the Internet should become a safer place. Rob is working with federal, state and local authorities to help law enforcement combat cybercrime.
Thanks for such a great, in-depth article by Dr. D’Ovidio. Having just last week seen the “blue screen of death” on our laptop, I realize that we need to be so much more aware of all those little “nasties” out there. We not only have a laptop, but a desktop computer, iPhones, iPads, iTouches, as well as a Playstation. Do you have any recommendations for software or other items to protect our internet based electronics better?
Hi Carol, Sorry you got the Blue Screen of Death on one of your computers. Were you able to revive it? Do you think it was due to a virus or a hardware problem?
Be very careful when responding to emails. Do not click on links in emails, especially from banks or other sites requesting your password. Always go to your bank’s site through a bookmark or typing in the site address directly.
Make sure you have up to date security software on your computer. Here is a link to Top 10 Reviews Best of Internet Security Software for 2012: http://internet-security-suite-review.toptenreviews.com/ with a handy chart comparing the top software security products.
Excellent article Dr. Dr. D’Ovidio. I take the usual precautions with my devices, but need to add a password to my iphone which I will do after reading this article. I regularly receive phishing emails which I mark as spam, but they seem to keep coming. This is alarming news, so hopefully the experts will do their best to stay on top of it. Thanks for sharing.
Hi Cathy, I’m so glad you enjoyed Rob’s article. He did a great job of explaining the threats we will face in 2012.
I suggest you find out if your bank has an email address to report phishing incidents. If they do, you should forward the phishing emails to the bank so that their security department can act on them. Some sites have addresses such as [email protected] where you are supposed to forward phishing emails.
Thank you Dr. Rob for this update of what we can expect in the coming year. It really makes me sad that there are so many horrible people still among us that continue to reak havoc on innocent people. I do my best to stay updated with the latest security software on my computer and have also taken measures to protect my blog as well.
I don’t have an updated phone yet but I have no doubt that when that time arises I’ll need to understand how to protect myself better. I know I can always rely on Carolyn to help with that.
I also don’t allow any apps on my social media profiles and I never give my information to anything I haven’t accessed at that very moment but in all honesty, I don’t access much. Not when it comes to giving my information out. I’m extremely cautious.
I hate that these cloud services will be hurt more since I know a lot of people who use them and at one time I had thought of doing the same. But I prefer just backing all of my files up on an external hard drive. It’s small enough that I can carry it with me if I need to.
Will these types of things ever get better? I hope that eventually everyone can be educated on the do’s and don’ts of giving out your information and accessing sites that are obviously fraudulent. I’ll keep my fingers crossed at least.
~Adrienne
Hi Adrienne, Well said. You clearly take security seriously. Unfortunately, the biggest threats these days may not be against the data on our computers or our blogs but on the information stored by other companies in their data bases, for example, insurance companies, banks, etc. As Rob pointed out, even online games can be targets of cyber crimes.
Hackers are getting bolder, but law enforcement is taking these crimes seriously. As with other crimes, it’s a matter of law enforcement staying a step ahead of the criminals.
Scammers come in all forms these days. So nothing is safe.
Having said that, I have been a Mac-user for past 4 yrs of my life (prior to that I was Unix and Windows user). I cannot tell you how less worried I have been in my Mac-years with regards to these malwares. Well, never say never, but touch-wood, I haven’t worried about the issues in a Mac-world (Macbook, iPhone, iPad etc). There is something to say about closed systems. Windows is too open an ecosystem to be exploited. So I hear about malwares on Android (because of its openness).
In Apple I believe!™ 🙂
Hi iRewardChart, Unfortunately, these days you have to worry not only about the security on your own computer but also with the security of your online information. Being vigilant about avoiding phishing schemes and looking for secure websites will help protect you.
I agree with you about Android malware. Buying an app from the Android Market can be a risky proposition. I try to buy Android apps from the Amazon Appstore when I can.
Not sure what’s wrong with comments; “error establishing database connection.” It ate my comment.
Nervous about cloud storage and which service to trust…iCloud makes sense and yet how can we ever know which services are defensible?
Hi Jayme, Welcome to The Wonder of Tech! Sorry you had a problem commenting. I haven’t heard of that happening with other commenters, so I don’t know what the problem is, but let me know if you encounter the issue again.
Great question. When trusting online services, it’s best to go with established businesses who take security seriously. Praveen Rajarao wrote an article for The Wonder of Tech in November called How to Shop Online with Added Security that sets forth the precautions you can take to feel more secure about shopping online. Many of his recommendations apply to other online transactions.
Thanks so much for stopping by The Wonder of Tech and leaving your comment. 🙂
Hi Jayme, I found out that the issue was with CommentLuv. The problem was detected quickly and the plugin has been updated. Thanks for letting me know!
Scary stuff. I’m curious if it’s still true that Apple devices are still less vulnerable. It’s especially worrisome to consider the impact of cloud vulnerability.
Hi Ruth, you’re right, this is a very scary topic, but it’s always important to make sure we take precautions. But as Rob pointed out when I spoke with him, it’s not just the precautions you take on your own computer, but the precautions taken by the sites where you give your information are important as well. Make sure the site is reputable before you give them your credit card or other personal information.
Carolyn, aloha. Thanks so much for this guest post by Dr. Rob. While needless to say I am sorry to read what he has to say, it’s good to know.
Rather than repeat everything Adrienne said since we are much the same as well as in agreement, i’ll just incorporate who comment here.
Carolyn, this is a post that needs to be shared far and wide which I will do. In fact, as soon as I hit Submit, I will do a cut and paste, drop it in an e-mail and send it off to those contacts who would not see it on fb or twitter.
Dr. Rob did a terrific job covering this very important topic. Until later, aloha. Janet
Hi Janet, Thank you very much for sharing this post. I agree, Rob’s message is very important. We need to be aware of the threats that face us these days and Rob has done a stellar job of explaining these to use. The more people who know about these threats, the better prepared we can be.
Now I am concerned about storing confidential info on cloud.
Both this article and the one you wrote in the E edition of the Inquirer on 1/5/2012 are most interesting.
Thanks
Hi Jerry, Thank you for your kind words.
I understand your concern, but even if you didn’t store anything in the Cloud, even if you didn’t own a computer, you would still have data in the Cloud from the stores you visit, credit card companies, banks, health insurance companies, etc. If you use a loyalty card at a grocery store, the information about your purchases is stored in a database somewhere. If you use a credit card or have health insurance, those companies have information about you that is stored on a server.
It’s practically impossible to avoid having your data in the Cloud because you have very little control over your information. You could take every security precaution available, but you would still be vulnerable to security threats from attacks on other company’s servers. Law enforcement taking these threats seriously is the best protection we have. People like Rob who work with law enforcement to catch hackers are helpful to us in keeping our data secure.
Hi carolyn,
It is a pretty obvious thing that we tend to forget. though malware and most of the threats were there a long time ago except social media viruses. one should be pretty cautions about these relatively new kind of threats.
Hi Faran, Good point, these threats have been around for a while but hackers are definitely getting bolder, as seen with the break-ins to Sony and government agencies. As more personal data is stored by individuals and companies, the threat from cyber criminals becomes more ominous.
Catching and prosecuting hackers is an effective deterrent against cybercrime as well as companies taking extreme security precautions against online data theft.
Hi again,
speaking of companies, i think their role is most important as not all of the users know if a link contains a virus or malware. social networks, facebook in particular should convert their attention on this matter as they have failed to protect their users.
Hi Faran, You make an excellent point. Companies who store our data should be held responsible if they don’t take proper measures to protect against cyber-criminals. Security should be state of the art, otherwise they are risking severe consequences for their customers.
Good blog. I was a criminal mastermind in a former life and even I got a couple of viruses on my computer last week. 🙂
I do get annoyed at malicious links on Facebook and I can see those getting more common.
My junk mail folder is always full of malicious stuff but sometimes my anti virus detects a virus in an attachment and that crashes Outlook; that’s annoying.
The New Year is going well so far; no snow!
Hi Mike, A criminal mastermind in a former life? Glad you came over to the bright side!
As more sites get ahold of our personal data, we lose more control of our personal information. Sites that obtain our information should be obligated to keep it protected from hackers.
We are having a very mild winter here. I’m getting very spoiled by the warm weather!
Cloud is the new OS in its inception and it also has so many aspects from app world. So there are plenty attack vectors. Good news that the industry learned a lot how to architect, design, implement and maintain platforms and applications with security in mind. So while Cloud attracts bad guys my biggest hope Cloud vendors will be putting their lessons learned in on-premise world to protect their customers data and their own reputation in the cloud world.
Hi Alik, Welcome to The Wonder of Tech! Excellent point, more sites these days are being designed with security in mind from the beginning. Hopefully sites with multiple layers of security will be more effective against hackers trying to infiltrate and swipe the data.
Site owners who have lax security are risking their online reputations. Customers will be attracted to sites that are secure and shun those businesses that have multiple security breaches.
Thanks for visiting The Wonder of Tech, Alik, and leaving your insightful comment!
Hi Carolyn,
I haven’t thought much about security threats after I switched from PC to Mac, but now I’m starting to worry a little. I have received a lot of scam emails from my work and from my bank, and they are very professionally done. It’s almost impossible for “regular” people to understand that they’re not really from the right company. I have almost clicked on the links inside the emails myself.
One thing that I still keep doing is that whenever I can find a free open WiFi spot when I’m traveling, I connect my iPhone or iPad to it in order to get online. I’ve heard so many stories that this is not such a good idea… but that’s something I just can’t stop doing. It’s just too expensive to use 3G in other countries (and I don’t have 3G on my iPad).
Hi Jens, you’re right, the phishers are getting much better at imitating genuine emails from real sites. It’s best not to click on links from emails. If you do, don’t enter your user name or password to access any account.
Similarly, when you are on open Wi-Fi, don’t enter any usernames or passwords. If you have your usernames and passwords saved, such as with an email app, you shouldn’t have a problem using open Wi-Fi networks. Just be sure to remember that your keystrokes could be tracked by hackers.
Rob,
I appreciate your sharing these details with us.
Especially interesting that you mention increased government cyber warfare capacities.
All the best in 2012!
~Keri
Hi Keri, Welcome to The Wonder of Tech! You’re right, governments around the world need to be pro-active in battling cybercrimes. Only by governments taking these threats seriously can thieves be thwarted.
Thanks for stopping by and leaving your comment, Keri!
Hi Carolyn,
These all threats are real. I faced wrath of a malware a few months back and it took me seven days to recover from it. Even my backups got infected.
Sometimes back my father’s email id was hijacked. I also keep getting phishing mails to reveal my data.
To avoid issues, we need to keep our AV update, anti-malware installed , carefully look at the url before clicking on them and also to keep backup of our important files.
Thanks to you and Dr. Rob for sharing the information with us
Wow, Ashvini, I’m so sorry that happened to you. Do you know how your files got infected? What a nightmare to have happen to you. I know those seven days must have been filled with frustration for you, especially when you discovered your backup was corrupted.
I truly hope this never happens to you again, Ashvini, and that the hacker who infected your files gets his just desserts someday! >:)
Thanks for your concern Carolyn and may the hacker’s account get hacked :).
It was really strange because it might have come from a open source code that thesis theme uses. It infected my local machine( on a local wordpress installation), then through filezilla infected my sites too :(. It was a real nightmare. I never install any unknown software on my site and have AV running always. A malware will first kill AV hence antimalware is must for a computer. My choice is Hitman Pro
If you ever use thesis let me know , I will tell you which code to remove
Hi Ashvini, That’s amazing that the virus got through all of your protection. At least you discovered the culprit and were able to alter the code. Perhaps you should let Chris Pearson know about the flaw in the Thesis code so he can update it to protect others?
I’m glad you were able to get up and running again, Ashvini!
Hi Carolyn,
Great post of awareness as we venture into the unknown 2012. I agree that there is a lot of anticipation, and uncertainty. However, if one is armed with that pragmatic mindset, the he/she will be ready for basically any unforeseen contingency and also will be ready for the challenge. I mentioned on my Blog that a Positive mindset is the foundation and cornerstone to achieve success. All the best for 2012!!
Hi Sonia, Welcome to The Wonder of Tech! You’re right a positive and pragmatic mindset is very important. We need to deal only with companies who take the extra step and added expense of protecting our data. I hope that 2012 is a safe and successful year for you, Sonia!
Internet Marketing today is competitive and most of us used different strategies in order to be popular in search engine sites. We are surrounded with different people with different personality and most of us spend hours in Internet surfing. We could not avoid any problems in our website especially for those hacker’s that make our site break down. It could damage our computer especially the important files that we have. This situation is very embarrassing and a night mare for all of us.
This article is unique and informative. I Learned a lot from it, that make me aware and inspire how to keep my computer safe all the time.Thank you for sharing your ideas Ms. Carolyn and keep up the good work!
Law Firm SEO
Hi Law Firm SEO, welcome to The Wonder of Tech! I’m so glad you enjoyed this article. Rob did a great job writing it and we are very fortunate to have his guest post here at The Wonder of Tech.
I hope companies will take computer security seriously as we entrust them with our personal data. While we can take precautions on our own sites, we are vulnerable to companies that obtain our data and store it on our servers.
Thanks for stopping by, I hope you come back for another visit!
Hi thanks very thought provoking and informative.
I’m with jens since going over to apple security falls from your mind. Your not constantly getting updates pop up on your screen for what ever security you are using. So it slowly falls from your mind but I must admit I haven’t stored anything in I cloud. I know where something is stored electronically really makes no odds. And apple will have your data very secure just seems more vulnerable. Prime evil feelings I suppose keep what’s most precious to you close to you.
Thanks again will defiantly be giving my cyber security a once over.