Malware that confounded the internet world in 2012

2012 has been a year that has seen great stories in the world of the Internet when it comes to security. It’s easy and straightforward to point to the great stories that have formed a topic of conversation and have called for a completely different kind of thinking and approaches in the security industry. In fact, for the world of cyber security, 2012 has been the year of cyber warfare evident by government sponsored attacks and malware. This year has also been the year of hacktivists who have attacked websites relentlessly.

Flashback malware became very popular in April, when the damage it had caused was finally exposed. The number of Macs infected with the malware was estimated at 700,000. It marked the first infection of the Mac and essentially the biggest yet. The ramifications of this malware were far reaching as the Mac was now vulnerable and this represents a major source of concern for the Apple brand faithful. Security industry experts looking for answers about how flashback malware succeeded on the Mac OS X platform realized that the malware was taking advantage of a Java vulnerability. It was able to spread and infect more Macs because Mac users had not employed any security measures. It is now common sense that major breakouts are actually possible on the Mac platform.

Cyber ​​espionage was taken in 2012 to a whole new and different level. Since April, cyberattacks have been reported in the Middle East on computer networks and oil platform systems. The malware cleaner was responsible, although it was never profiled because it was not found. But by finding answers to this, other sophisticated malware was discovered; Flame and Gauss. Flame malware has finally been declared a very complex malware capable of devastating attacks when deployed. The malware was deployed in Iran in the Middle East for the purpose of its nuclear enrichment program. Flame’s capabilities were immense and it is capable of stealing documents, intercepting audio conversations, scanning bluetooth devices and taking screenshots and corrupting databases. Flame has been closely related to the Stuxnet malware and both are believed to be government sponsored and developed. It is even believed that Flame had been around long before it was discovered. The malware was unique in that it could be deployed as a man in the middle and even affect patched Windows operating systems. Gauss was even more mysterious and his abilities just as complex as with flame malware. The deployment of this malware in the Middle East is the sign of a cyber war that will only break out in the future as more nations join the cyber arms race.

Android threats in 2012 have increased dramatically and statistics show that Android malware has increased sixfold. This can best be explained as an explosion in the number of threats on the platform. The reasons behind the explosion in the number of Android threats may be based first on the fact that the platform is open source and allows malware writers the same freedom as app developers to take advantage of the platform. Another reason has to be economic gain as Android has been very popular and there are a large number of Android users to target. Industry experts expect the same trend to continue next year.

The circus surrounding the DNSChanger malware and its eventual shutdown by the FBI deserves a mention among the highlights of the security industry in 2012. When the FBI took over this identity theft infrastructure, it gave time. malware victims to disinfect their systems. . This was a smooth incident and was a perfect example of what cooperation between private sector companies, governments and law enforcement agencies could lead to. Information sharing, cooperation and pooling of resources are vital ingredients if the fight against cybercrime is to be successful.

Notable events in the cybercrime and security industry are Adobe certificate theft, Shamoon malware, Mahdi incident, password leaks that occurred with Dropbox, LinkedIn, among others, and zero-day vulnerabilities from Java. All of these were a wake-up call for the security industry and demonstrated that the attacks will have no limits and can affect an extremely large number of people. Hacktivists came and announced their presence and they will be a big concern in the future as well. The actors have not changed much, but the scope and complexity of the attacks continue to grow and are cause for concern.