With trends like bring your own device (BYOD) gaining popularity in the region, the cyber threat landscape will evolve and get more sophisticated, according to Shirley O'Sullivan, Vice President of Marketing for EMEA at Blue Coat Systems.
"Businesses today manage so many end points that at any given time tens to hundreds of them may be infected, typically with mass market malware," says O'Sullivan. "While not the ideal security situation, businesses nonetheless tend to tolerate this level of mass market malware infections. In 2013, this tolerance level will create a backdoor for covert targeted attacks," she says.
A growing underground network is connecting cybercriminals running bots and facilitating attackers to target infected computers. As companies grow in size, it is increasingly likely that attackers will be able to find an infected system, says the Blue Coat executive. In this way, what was an infection from a mass market attack can covertly become a targeted attack.
"In this way, what was an infection from a mass market attack can covertly become a targeted attack," explains O'Sullivan.
"Facilitating this shift will be the addition of intelligence gathering tools to standard Trojans that actively explore a hard drive rather than wait for a user to go to financial site," she continues.
While not the ideal security situation, businesses nonetheless tend to tolerate this level of mass market malware infections. In 2013, this tolerance level will create a backdoor for covert targeted attacks."
Mobile malware to trouble Mideast businesses in 2013
With more Middle East firms enabling employees to access corporate networks with their own mobile devices, we can expect such devices to become high value targets.
Companies will need to invest in state-of-the-art file sharing applications which enable seamless, real-time collaboration locally or regionally, according to Altaf Alimohamed, managing director, Media Solutions. There are decent bottom-line benefits to companies offering remote working options such as reduced office space, but he warned that there are risks to be factored into the equation.
"Recent research suggests that digital information transfer will be around 35 trillion gigabytes by 2020, requiring 44 times more data storage than that globally available (just three years ago)," explains Alimohamed.
The Middle East currently accounts for 3.7% of global web traffic, but since it accounts for 40% of the world's population, experts predict a surge in data usage across the region.
"This means data security will take on a higher priority than ever before and holistic, file-sharing solutions which challenge the need for building, running, maintaining and constantly upgrading server-based IT services will come into their own," he says.
O'Sullivan reckons that people in the region are most aware of 'mischiefware,' which includes text messages and rogue app purchases, which do not breach security models, as such, but are a nuisance and can incur unwanted costs.
"In 2013, expect to see malware that doesn't show up as an app on the smartphone, but instead exploits the security of the device itself to identify valuable information and send it to a server," she says. "Hand-in-hand with this new mobile malware threat, expect to see the first mobile botnet that can forward SMS messages to command and control servers."
The current threat landscape will evolve as long as cybercriminals keep adjusting and refocusing their attacks. Judging from recent years, this will certainly be the case. As mass market and targeted threats converge, it will be critical for businesses to take a holistic view of their security. No longer should mass market and targeted attacks be viewed as separate threats - they have become one and the same.