ThreatMetrix, a provider of integrated cybercrime preventionsolutions, announces the most threatening cybersecurity trends andrisks businesses and consumers must keep top of mind in 2013. Theseinclude cyberwarfare, data breaches, migrating malware,bring-your-own-device (BYOD), cloud computing, and mobile andsocial media fraud.

In today's threat environment, the reach of cybercriminalsexpands to more industries each year, with financial services,insurance, retailers, enterprises and government agenciesespecially vulnerable to new threats.

“This year, cybercriminals have become so advanced that securityprofessionals are struggling to detect many of their attacks in atimely manner,” says Andreas Baumhof, chief technology officer,ThreatMetrix. “As nearly every industry is increasingly targeted,businesses and consumers must make cybersecurity a top priority in2013 to prevent fraud and malware attacks.”

ThreatMetrix has identified top cybersecurity trends and risksthat will impact businesses and consumers across several industriesin 2013:

Insurance

• Insurance at Risk from Mobile and BYOD –Cybercriminals are targeting insurance companies with identitytakeover by using stolen credentials to access financialinformation. Insurance companies need to expand their securitymeasures beyond passwords and multi-factor authentication. Layered,integrated defenses provide a more accurate picture of who isconnecting to applications, and whether devices are infected withmalware or disguising as a cybercriminal.

Mobile and Social

• As Mobile Grows, Fraud Risk Increases – Mobiletransactions are projected to reach $1 trillion by 2017, makingbusinesses and consumers more vulnerable to fraud and malwareattacks on mobile devices. Retailers and FIs do not have thebandwidth to monitor every transaction for suspicious activity, soconsumers must take measure to protect their accounts.
• Social Media Spam and Fraud – Social mediasites are making an effort to decrease the prevalence of spam andfraud in 2013, but this can be tricky – oftentimes these sitesoperate on several platforms through social registration, comments,voting/widgets and others. Administrators of sites such as Facebookand Twitter must take all platforms into consideration for theircybersecurity strategy.

Government

• The Emergence of Cyberwarfare – Stuxnet—thevirus allegedly developed by Israel and the United States tosabotage part of the suspected Iranian uranium enrichmentprogram—foreshadows a new generation of warfare. James A. Lewis, acybersecurity expert at the Center forStrategic and International Studies, indicated that at least 12 of the world's 15 largest militaries are currentlybuilding cyberwarfare programs, and other government agenciesworldwide should follow suit and prepare for imminentcyberwarfare.
• Government Agencies are in the Crosshairs ofCybercriminals — Government agencies, from U.S. federal tostate, are under attack from cybercriminals including thehacktivist group Anonymous and foreign governments. Chief amongthese in 2012 were attacks and data breaches on the U.S. Navy,NASA, the California Department of Social Services, Department ofHomeland Security, and the Wisconsin and South Carolina Departmentsof Revenue. As a result of these attacks, millions of Americans'bank account numbers, personal identities, financial records,usernames, passwords, email IDs and security questions werecompromised and these attacks show no sign of ending.

E-Commerce andFinancial Services

• Data Breaches Will Continue to Place Top Brands atRisk— Data breaches continued at an alarming rate in 2012including cyber attacks on such high profile brands as Nationwide, Yahoo,eHarmony, Zappos, LinkedIn, Global Payments and many others. Suchattacks are expected to continue in 2013 as more securityweaknesses are discovered by cybercriminals.
• Malware is Trickling Down to Retail, AlternativePayments and Digital Currencies – Malware, historicallytargeted at financial institutions (FIs), will increasingly affectretailers, alternative payments and digital currencies in the NewYear. These targets lack the same stringent levels of malwareprotection that FIs have spent years developing. Retail customerswho typically use the same password and save login details acrossseveral accounts are also placed at greater risk for fraud.

Enterprise

• BYOD Trend Increases Risks – The BYOD trendcommon in today's corporate world increasingly opens the door forcybercriminals. They are becoming more adept at designing malwarethat turns employees' devices – smartphones, tablets, PCs – intounwitting attackers of their own companies or accounts. In 2013,BYOD will continue contributing to today's malware threats throughshared devices, search engine poisoning, image searches, hiddenURLs and syndicated advertisements.
• Cloud Computing Increases Risk – As enterprisesystems move to the cloud, this makes businesses more vulnerable tosecurity breaches – the cloud is much easier for fraudsters toattack than traditional behind-the-firewall systems.

“As more business transactions and activities move online,almost no industry is completely safe from fraud,” says Baumhof.“The best way for businesses and consumers to stay protected is toput preventative measures in place before it's too late. Whilecybersecurity and fraud prevention seems unnecessary for somebusinesses, cybercriminals are so sophisticated today that theycan't be kept at bay for long without appropriate strategies inplace.”