Fortinet FortiGuard Labs’ 2012 threat predictions highlight
eight threats to watch out for in the next year:
1. Ransomware to take mobile devices hostage
Ransomware, an infection that holds a device hostage until a
ransom payment is delivered, has been around on PCs for years.
Mobile malware that uses exploits has also been observed, along
with social engineering tricks that lead to root access on the
infected device. With root access comes more control and elevated
privileges, suitable for the likes of ransomware. FortiGuard
predicts we’ll see the first instances of ransomware on a
mobile device in the coming year.
2. Worming into Android
Worms, malware that is able to quickly propagate from one device
to another, have by and large remained absent from the Android
operating system, but FortiGuard Labs believes that will change in
2012. Unlike Cabir, the first Symbian worm discovered in 2004,
Android malware developers most likely won’t be using
Bluetooth or computer sync to spread out because of their limited
ranges. Instead, the team believes the threat will come from either
poisoned SMS messages that include a link that contains the worm or
through infected links on social networks, such as Facebook and
Twitter.
3. Polymorphism want a cracker?
In the last year, FortiGuard Labs saw Android malware use
encryption, embed exploits, detect emulators and implement botnets.
But what they haven’t seen yet is an example of polymorphism.
Polymorphic malware is capable of automatically mutating,
making it extremely difficult to identify and thus destroy. The
team has previously encountered polymorphism on Windows Mobile
phones and believes it’s only a matter of time before the
malware appears on Android devices.
4. Clampdown on network-based money laundering
Using anonymous fund transferring services, human networks and
payment processor safe havens, cybercriminal syndicates have pretty
much operated with impunity for years. However, FortiGuard Labs
believes more people will be tracked and captured in 2012. The
recent arrest of ChronoPay CEO Pavel Vrublevsky on the grounds of
hacking Aeroflot's website and preventing visitors from buying
tickets is a good example of the type of takedowns the team
expects to see in the coming year.
5. Public-private relationships in security
In 2011, FortiGuard Labs saw an increase in global collaborative
botnet takedowns including Rustock and DNS Changer. Meanwhile,
arrests were made against international members of Anonymous and
LulzSec hacktivist groups. This crackdown will continue in 2012,
and the team believes that much of it will be aided by the Defense
Advanced Research Projects Agency’s (DARPA’s) public
defense initiative. DARPA was recently granted a USD 188 million
budget and plans to use part of the money on initiatives to build a
cyber defense team in the private sector. It seems likely that in
2012 similar relationships will be formed worldwide.
6. SCADA under the scope
For over a decade, Supervisory Control and Data Acquisition
(SCADA)-based threats have been a concern, because these systems are
often connected to critical infrastructure such as power and water grids,
which are not always operating on a closed circuit. Many new human
machine interface (HMI) devices that interact with these systems
have web interfaces for logging in that can be circumvented to
access back-end systems. Groups such as Anonymous have already
found an assortment of web-based vulnerabilities simply by picking
targets and scouring code. In 2012, FortiGuard predicts new SCADA
vulnerabilities will be discovered and exploited with potentially
devastating consequences.
7. Sponsored Attacks
The FortiGuard team often talks about Crime-as-a-Service (CaaS)
to describe how criminal syndicates are offering illegal and
detrimental services through the Internet, such as infecting large
quantities of computers, sending spam and even launching distributed
denial of service (DDoS) attacks. In 2012, FortiGuard Labs expects
to see CaaS leveraged for more strategic and targeted attacks on
companies and individuals to include state or corporate
sponsorship.
8. Hacking a good cause
While Anonymous has been alive and kicking in one capacity or
another since its formation on 4Chan.org in 2003, only in the last
year have the loosely organized anarchists started using their
power to attack large, high profile targets such as Sony.
They’ve recently threatened to unmask Mexican drug cartel
members and helped authorities break up a child porn ring.
FortiGuard expects to see more examples of hacktivist justice meted
out throughout 2012 along with a mix of attacks that border or
cross the line of justice.
Disclaimer Note: "InformationWeek India and UBM India do not endorse, and have not verified the views and claims expressed in this vendor Press Release."