Kaspersky's top cybersecurity threats for 2013

The cybersecurity firm predicts state-sponsored cyber warfare will continue in 2013. During 2012, Kaspersky Lab discovered three new major malicious programs that were used in cyber warfare operations: Flame, Gauss and miniFlame. While Flame was the largest and most sophisticated of the cyber-espionage programs, its longevity was its most prominent characteristic.

Being at least a five-year-old project, Flame was an example of a complex malicious program that could exist undetected for an extended amount of time while collecting massive amounts of data and sensitive information from its victims. Kaspersky Lab's experts expect more countries to develop their own cyber programs for the purposes of cyber-espionage and cyber-sabotage. These attacks will affect not only government institutions, but also businesses and critical infrastructure facilities.

In 2012 an on-going debate took place on whether or not governments should develop and use specific surveillance software to monitor suspects in criminal investigations. The firm predicts 2013 will build on this issue as governments create or purchase additional monitoring tools to enhance the surveillance of individuals, which will extend beyond wiretapping phones to enabling secret access to targeted mobile devices.

"The most notable trends of 2013 will be new example of cyber warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats," predicts Costin Raiu, Director of Global Research & Analysis Team for Kaspersky Lab.

Government-backed surveillance tools in the cyber environment will most likely continue to evolve, as law-enforcement agencies try to stay one step ahead of cybercriminals. At the same time, controversial issues about civil liberties and consumer privacy associated with the tools will also continue to be raised.

"In our previous reports we categorized 2011 as the year of explosive growth of new cyber threats," says Raiu. "The most notable incidents of 2012 have been revealing and shaping the future of cyber security. We expect the next year to be packed with high-profile attacks on consumers, businesses and governments alike, and to see the first signs of notable attacks against the critical industrial infrastructure," he continues.

The development of social networks and rising threats that affect both consumers and businesses have drastically changed public perception of online privacy and trust, says Kaspersky. As consumers understand that a significant portion of their personal data is handed over to online services, the question is whether or not they trust them.

Such confidence has already been shaken following the wake of major password leaks from some of the most popular web services such as Dropbox and LinkedIn. The value of personal data - for both cybercriminals and legitimate businesses - is destined to grow significantly in the near future.

This year has seen the explosive growth of mobile malware, with cybercriminals' primary focus being the Android platform, as it was the most popular and widely used. In 2013 we are likely to see a new alarming trend - the use of vulnerabilities to extend "drive-by download" attacks on mobile devices.

This means that personal and corporate data stored on smartphones and tablets will be targeted as frequently as it is targeted on traditional computers. For the same reasons (rising popularity), new sophisticated attacks will be performed against owners of Apple devices as well.

As vulnerabilities in mobile devices become an increasing threat for users, computer application and program vulnerabilities will continue to be exploited on PCs. Kaspersky Lab named 2012 the year of Java vulnerabilities, and in 2013 Java will continue to be exploited by cybercriminals on a massive scale.

However, although Java will continue to be a target for exploits, the importance of Adobe Flash and Adobe Reader as malware gateways will decrease as the latest versions include automated update systems for patching security vulnerabilities.