Watering hole attacks, clickjacking and mobile threats will loom large in 2014, with cyber criminals increasingly using targeted attack methodologies in their campaigns and hiding themselves in the Deep Web, according to Trend Micro.

The internet security firm’s predictions for 2014 is based on its recent web video project, ‘2020: the Series,’ which took a look at what threats will be faced at the end of the decade.

CTO Raimund Genes said that this year promises to be a ‘prolific year for cybercrime,’ impacting businesses, governments and individuals alike.

Techniques like open source research and spear phishing, which are normally limited to targeted attacks will become increasingly popular next year as the cyber underground shares best practice knowledge, said the report.

In 2014, smart devices will be under fire from both targeted attacks and mobile banking, where basic two-step verification is no longer sufficient to stay safe, it said.

Man-in-the-middle attacks and malicious apps will pose a growing threat to consumers and corporate smartphone users, it added.

Rik Ferguson, VP of security research, said: “Technology advances only more rapidly and attackers are consistently just behind the crest of that innovation, waiting for widespread consumer adoption of new gadgets, new platforms or new ways of doing things.

“Mobile banking apps have only recently become the norm (as opposed to simply receiving an authorisation code via SMS) and we fully expect to see criminals looking for avenues of exploitation, particularly given the direct relationship to finances.

“Other emerging technologies, such as the AR headsets expected to be released by multiple manufacturers over the coming 12 months will need also to reach this tipping point before widespread attacks begin. However, given the wide-ranging data collection possibilities and their highly interconnected nature, long-term these devices will be firmly in the criminal sights.”

Embedded systems like point-of-sale (PoS) terminals, healthcare devices, and critical infrastructure, running old and unsupported Windows versions are particularly at risk, he said.

Ferguson also pointed out that law enforcers will have a harder time tracking down these cyber criminals next year as they burrow even deeper into the darknet.

Widespread threats are not expected this year in the emerging ‘Internet of Things’ (IoT) area, as it is still developing, he said. Cyber criminals are likely waiting for an IoT app to exploit it.

Beyond 2014, however, augmented reality headsets could become the next big thing for the cyber underground to target, he added. - TradeArabia News Service