By Stewart Tongue

YNOT – The biggest threat to cyber-security in 2013 may well be an increase in state-sponsored attacks against not only enemy governments, but also against major corporations located in enemy territory, according to digital security firm Kaspersky Labs.

Kaspersky recently released its analysis of the 2012 malware landscape, along with predictions about the dangers looming on the horizon this year. Chief among the company’s concerns is what analysts called a significant shift toward attacks that have emerged as part of heavily funded or state-sponsored malware campaigns. Such attacks often are mimicked in the private sector.

In 2010, the revolutionary Stuxnet virus was widely reported to have damaged sensitive equipment used by the Iranian government in the process of enriching uranium. Some reports alleged a tie between Stuxnet, the U.S. government and Israel. In 2012, Stuxnet-like attacks proliferated on a much wider and faster scale.

2012 brought new viruses, as well, with nicknames like Flame, Gauss, Mini-Flame and Shamoon. Most were carefully designed to steal sensitive data or conduct surveillance on victim networks while giving attackers a presence undetected by the host machines. Shamoon proved particularly deadly, because it irreversibly wiped data from targeted networks or rendered them useless in other ways.

Now quasi-private corporate interests are under assault by similar code hacks. For example, in 2012 the massive oil company Saudi Aramco was brought to its knees temporarily by a virus that destroyed data and disrupted more than 30,000 employees, leaving the company floating idle for weeks during a slow recovery process. Highly disruptive distributed denial of service, or DDoS, attacks against leading banks also were reported during the second half of 2012. The entire online presence of some banks went offline for hours at a time, potentially costing many millions of dollars in damages.

Kaspersky cautions that the real danger in 2013 will come from more state-sponsored, high-level attacks, possibly in collusion with equipment manufacturers and private-sector hackers. If such a scenario develops, it could affect the flow of business in a variety of sectors as well as the operation of the internet itself.