
Experts Weigh In On 2013 Cyberthreats

From Anonymous to the Department of Homeland Security, security experts weigh in on cyberthreats to look out for in 2013. They include Java, privacy violations, DDoS attacks, and mobile malware.

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

Man-in-the-browser attacks for mobile platforms will flourish as they allow you to bypass authentication to cloud environments and traditional portals.

In addition, watering hole attacks will become the main delivery mechanism for cybercrime as you can pollute trusted websites and use those sites to attack their constituencies.

What is facilitating the problem?

Web 3.0 has an Achilles heel, which is the dependency on the browser to authenticate to the cloud from the mobile end point. The browsers are vulnerable to MIB attacks. In addition, most industries are migrating to 3.0 this year.

This migration to Web 3.0 and the modularization of automated attack code facilitate credential theft and the delivery of zero days for applications. In addition, the vulnerability of web sites and mobile apps to the OWASP top 10. HTML 5 exacerbates this phenomenon.

What specific measures can people take to address the threat?

Organizations allocate greater resources to virtual patching, file integrity monitoring, cloud security, and advanced threat protection.

- Tom Kellerman, Vice President of Cyber Security for Trend Micro

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

The fastest growing cyberthreat in 2013 will be web based exploit kits for drive by infections such as Blackhole. Over the past three months I’ve noticed more exploit kit chatter amongst private security lists and I’ve begun to see more new kits springing up. From Redkit to CritXpack, Blackhole’s success in the underground markets seems to be spawning the opportunity for others to create their own kits.

What is facilitating the problem?

The rise in Web-based exploit kits is due to a couple of things. First is, as I’ve mentioned above, the continued success of Blackhole. It seems that most Web and e-mail based attacks lead to a site where Blackhole exploit kit is installed.

The other reason is the continued barrage of Java exploits that are popping up. Once these exploits make it out to the public, for one reason or another, kit producers are quickly putting these exploits in their packs. The reason that Java is used in Web-based exploit kits is because it’s so successful in exploitation, typically three times more successful than the next exploit.

Kits are so damaging because they are becoming widely accessible, are including these exploits faster in their cycle from 0-day to kit, and the exploit kit coders are beginning to offer more services modeled after professional service that help maintain and improve their effectiveness.

What specific measures can people take to address the threat?

Ensure that web based client applications are always kept up to date! In the case of Java, which has recently had 0-day exploits rolled into exploit kits, uninstall it. If Java is absolutely necessary for a custom application, try to use two browsers, one browser with Java enabled and intended for use specifically for that custom application and another with Java disabled for every day browsing.

- Chris Astacio, Manager, Security Research, Websense

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

Internet wiretap and control over your internet life by your ISP.

What is facilitating the problem?

Pressure from different regulation agencies representing rich entities like Hollywood. Big internet service providers that cooperate with law enforcement without warrant like Facebook, Google, Twitter, etc.

What specific measures can people take to address the threat?

Install Firefox with the following extensions => HTTPS Everywhere, DoNotTrackMe. Use the TOR Browser bundle when you do stuff you think Hollywood would disagree with. Learn about data encryption: HTTPS (ssl) and paid VPNs like HideMyAss. Follow @YourAnonNews on twitter and educate yourselves.

- spokesperson for Anonymous (AnonRelations) via e-mail.

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

At a recent event, Secretary Napolitano gave remarks where she outlined that one of the biggest cyber threats we face is that to our nation's critical infrastructure. You can find the press release on that event here.

What is facilitating the problem?

For more information on how cyber threats can have physical consequences and what that means to us as a nation, see the most recent joint article by our Deputy Under Secretaries Mark Weatherford and Susan Spaulding with Emergency Management Magazine.

They also did an interview together on Federal News radio recently on this topic. The transcript can be found here.

What specific measures can people take to address the threat?

As for threats that typically affect consumers and daily users of the internet, our United States Emergency Computer Readiness Team (US-CERT) has a lot of resources on what threats are out there, and how every individual can protect themselves against these threats. You can find that information here.

- Silvia A. Farag, DHS Acting Deputy Director, External Affairs Office of Cybersecurity and Communications U. S.

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

From my perspective as an availability security professional, the biggest threat that we will face in the next year is the growing size and complexity of DDoS attacks. Recently, three distinct trends have emerged with DDoS attacks:

- Attacks against SSL. These attacks hit web sites on https://, and cause substantially more severe resource depletion than plain text traffic. DDoS mitigation systems do not protect against these attacks, which at many organizations could result in a complete system outage with even a very small attack. To defeat SSL attacks, organizations will need to begin overprovisioning systems to absorb the malicious traffic or create web application firewalls (or WAF's) that decrypt the SSL traffic, filter the attack, and then reencrypt the confirmed clean traffic. This is something for which most organizations will not be prepared.

- Increased size of large attacks. We're now seeing many more attacks on UDP and TCP protocols that are multi-10G and in excess of 9 million packets per second. As these attacks become the new norm, organizations will need to begin upgrading their DDoS mitigation capabilities. Many existing devices and service providers will encounter obsolescence.

- Increased complexity of application layer attacks. Also known as Layer 7 attacks, these are typically against web servers and are designed to deplete the resources of the server without the administrator being able to determine which connections are malicious, preventing the attack from being identified and filtered. In response, organizations will need to ensure that their security capabilities are sufficient to address this issue. While products and service providers can assist, the best defense begins with competent in-house security professionals who are capable of building basic defenses against the problem. Similar to SSL, well-configured WAF's are helpful [in preventing] these attacks.

What is facilitating the problem?

These threats have existed for several years, but are becoming more severe and commonplace with advances in malicious hacker capabilities, increased availability of internet infrastructure and bandwidth, and a culture in the security community where professionals erroneously rely on others to defend them. We fear that before long the only organizations who will be able to exist on the internet are those who have substantially invested in defending their systems and networks against DDoS attacks. Should this occur, the cost of security at nearly every company will increase dramatically and this expense may be passed along to other businesses and consumers.

What specific measures can people take to address the threat?

In recent years many organizations have begun to defend themselves by purchasing protection services and security appliances, but as attack size and vector continue to mature these measures will become obsolete. As a result, many organizations will endure increased costs and system downtime while attempting to address this problem.

- Jeffrey A. Lyon, President of Black Lotus Communications

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

If current trends continue we will see even greater risks from ransomware and mobile malware in 2013. The volume of mobile malware has grown exponentially on Android, and Google's attempts at blocking it are not working. 2012 saw a large increase in ransomware infections, but they seem to be gaining speed, not slowing down as we prepare to enter 2013.

What is facilitating the problem?

Social engineering is responsible for most of the Android threats. People trying to load pirated versions of paid apps or being convinced to install free tools that are Trojanized. Ransomware most frequently invades Windows PCs through unpatched security flaws, primarily Java.

What specific measures can people take to address the threat?

Stay up to date on all of your OS patches and plugins and only load software from reputable sources. If you avoid pirated software and keep up to date, you will avoid 99% of the trouble out there. Common sense always rules.

- Chester Wisniewski, Senior Security Advisor, Sophos Inc.

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

In the next year, due to ease of acquisition, inexpensive cost, and the growing number of "hackers-for-hire," enterprises will likely see an increase in unwanted traffic, DDoS, competitive scraping and malicious service attacks.

What is facilitating the problem?

The problem is growing exponentially and is twofold: 1) These attacks are relatively inexpensive and easy to implement, and 2) Many organizations have not taken the necessary steps to protect their networks beyond their existing technology, like their Firewall and IPS, which were not built to handle this unwanted traffic.

What specific measures can people take to address the threat?

Allowing unwanted traffic onto any enterprise network can cost money, waste resources, impact availability, invite compromise, degrade performance, mask behavior and even inform competitors. In addition to first formulating a security plan, it would help to implement some additional prevention plans.

With attackers growing in sophistication, a new sort of security "perimeter" that goes beyond traditional firewall technology is required to stop these attacks before they can take root. These technologies, a new first line of defense, halt DDoS and server-targeted malicious attack activity by filtering and removing attack traffic before it even reaches the firewall, without impacting legitimate traffic. This way, your infrastructure (Firewalls, Load Balancers, IPS, Servers, Databases etc.) will never see it.

- Stephen Gates, Technology Evangelist at Corero Network Security

What is the number one biggest threat or the fastest growing cyberthreat that people can expect to see in 2013?

The adoption of PaaS cloud services for application deployment by organizations without awareness of the vulnerabilities that could be introduced.

What is facilitating the problem?

Cloud providers marketing towards application developers with no security background or understanding of how to build secure code.

What specific measures can people take to address the threat?

More industry education and case studies of failures in the space so application developers can learn.

- Nicholas Percoco, Senior Vice President and head of SpiderLabs at Trustwave
