Security features in Windows 8 will discourage operating-system attacks and drive hackers to develop malware that compromises hardware directly, according to McAfee's security predictions for 2012.
"Advances in the Windows 8 bootloader security feature have already caused researchers to show how they can be subverted through legacy BIOS," McAfee says in its "2012 Threats Predictions, "meanwhile, the product has not even been fully released yet."
At the same time Intel is developing its unified extensible firmware interface that is meant to enforce secure booting, which will further prod attackers into designing malware that evades these new protections, the report says.
"We will keenly watch how attackers use these low-level functions for botnet control, perhaps migrating their control functions into graphics processor functions, the BIOS, or the master boot record," the report says. "In spite of our efforts to thwart their ambitions, attackers clearly see the value and power of attacking hardware and moving outside of traditional operating-system attacks."
Attacks on mobile devices will also gain more attention from adversaries as the devices are used more to conduct financial transactions and become repositories of valuable information, McAfee says.
With PCs, attackers have effectively infiltrated banking applications, and the same will happen with banking apps on phones, the report says. "Attackers have adapted quickly to every change intended to secure banking on PCs. As we use our mobile devices ever more for banking, we will see attackers bypass PCs and go straight after mobile-banking apps," the report says.
To gain better control of mobile devices, attackers will take advantage of rooting tools that legitimate customers use to add more features to their phones.
"Attackers have already used old root exploits to hide themselves; as new exploits are developed, attackers will eventually install their own custom firmware," the report says.
Virtual currency operations such as Bitcoin will come under increasing attack in the coming year, McAfee says, because the virtual wallets where transactions take place are public and unencrypted - making them ideal for attacks from Trojans.
And a formal business structure, similar to what has grown up around botnets, will develop to streamline the violation of virtual currencies. "We expect to see this threat evolve into a cottage industry of cybercrime next year," McAfee says, "with spam, data theft, tools, support networks, and other associated services dedicated solely to exploiting virtual currencies."
Attacks against supervisory control and data acquisition (SCADA) systems have been proven and administrators of these systems need to take the threat seriously, McAfee says. There has been enough proof - particularly via Stuxnet - that cyber attacks can cause physical damage, so steps should be taken to reduce that likelihood.
"It's time for extensive penetration testing and emergency response planning that includes cybercomponents and networking with law enforcement at all levels," the report says. "They must ask themselves: What happens when we are targeted?"
- Hacktivists will integrate their protests with physical protests by demonstrators to assert more focused political pressure.
- Cyber war demonstrations, if not actual attacks, will take place if for no other reason than as a deterrent to demonstrate how destructive they could be.
- Further compromises of SSL certificates will reduce confidence in certificate authorities.
- Traditional spam will wane as legal entities that accomplish essentially the same goals gain favor.