Cybercrimes are becoming more mobile.
As more smartphones and tablets are being used, cyberthieves aren't just targeting personal computers to steal information for financial gain, antivirus security experts say.
“With the proliferation of mobile devices, that's just where the next threat landscape is going,” Symantec Inc.'s Lynn Hargrove said of what's expected in cyberspace in 2012.
“More people will have a mobile phone or a mobile device than a PC.”
Young men between the ages of 18 and 31 are targets because of the large amount of time they spend online every week, said Ms. Hargrove, director of consumer solutions for Symantec.
Known as the “millennium males,” they spend more than 49 hours online a week, she said.
“They're accessing the Internet everywhere,” she said. “They're big on using free Wi-Fi.”
Google's Android operating system, used in smartphones and tablets by manufacturers such as Samsung Electronics Co. Ltd., HTC Corp. and Motorola Mobility Holdings Inc., is vulnerable, experts say.
Mobile malware is on the rise, especially with the Android devices, said Doug Cooke, director of sales engineering at McAfee Canada.
Mr. Cooke warned against users downloading Android apps from third-party marketplaces, adding that malware writers will take an existing app and embed their own code in it and put it up for sale on these sites, which aren't monitored as carefully.
“There's much more likelihood for users in the Android world to use those third-party marketplaces and as a result they get these apps and start having troubles,” he said. “As usual, the malware writers are looking for ways to make money.”
Ms. Hargrove said consumers will need to make sure their mobile devices are secure now that they're being used for online shopping and banking as well as storing personal information.
“People don't understand that it's an extension of their computing platform.”
David Craig of PricewaterhouseCoopers said he expects to see attacks on machines connected to the Internet — everything from smart TVs to gaming systems to smart meters and home security systems and even wireless printers — in 2012.
“Someone is going to exploit that for their benefit,” said Mr. Craig, security consulting leader at PwC in Toronto.
Cyberthieves will look for an “attack vector” to get inside a house, he said.
For example, gaining access to a smart TV that has a webcam can allow a thief to see that no one is home, resulting in a break-in, Mr. Craig said. “Where you can go once you're inside can be unlimited.”
He said manufacturers are shipping equipment with the ability to turn on basic security such as firewalls or some level of antivirus or malware detection capabilities. “More and more equipment is coming with that option, so it really behooves the consumers to turn it on.”
Mr. Craig also foresees the exploitation of personal data for financial gain or embarrassment. Electronic medical records, shared between clinics, hospitals and doctors and often stored on patients' devices, are vulnerable, he said.
“That will be one of the trends we will see over the next while,” he said. “As more and more data becomes electronic, it's just more and more available for someone to take it. When it's buried in a physician's paper records in their office, it's harder to steal.”
“Poison” search terms for big events, such as the 2012 Olympics in London, will continue to try to dupe Internet users into going to “infected” sites, Ms. Hargrove said.
McAfee's Mr. Cooke said malware writers will also keep using spam that's targeted at individuals or organizations, known as spear phishing, looking for data that can be used for financial gain. “It's targeted more than it used to be so the volumes are down a little, but the threat of it is actually greater.”
Mobile phones, particularly Androids, will continue to face SMS text messages with malware that results in users not realizing they've been charged for the texts.
“They may not notice 10 or 15 a month. That can be a lot of money for a scammer over a large population,” Mr. Cooke said.
Attacks on social networks won't diminish either, next year, said Ms. Hargrove, citing cybercriminals using shortened links to malicious sites on news feeds on users' social network pages.
Mr. Craig said malware is going to get more sophisticated in 2012, but the economic climate will have an impact on the amount of cybercrime that will take place. “The jury is still out as to what the economic cycle will be next year.”