Electricity systems, hospitals, and people who use social networks and mobile devices will be among the prime targets of cyber crime next year, says a report released Thursday.
The Georgia Tech Information Security Center's 2011 report on emerging cyber threats highlights growing use of social networks, Internet-connected mobile devices, and the online connectivity of entities such as hospitals and utilities as some of the most enticing targets for cyber criminals.
Mustaque Ahamad, director of the Atlanta-based centre for technology-security expertise and education, said in an interview that recent growth in the number of Internet-capable mobile devices and the use of social networks make them vulnerable to attacks.
"There is this initial period when people don't think about how insecure or unsafe that space might be," he said.
He noted that mobile phones are being increasingly used for functions such as banking and accessing health records, which can create links to the kind of sensitive information that cyber criminals are after.
Ahamad added that the degree of security software that can be installed on smartphones is hampered by the level of battery power available to run them.
The report said criminals are increasingly using social networks to obtain personal information from people. Ahamad added that "once (a criminal) compromises your account, they have access to your friends."
The Georgia Tech report added that electronic perpetrators in the next year will be more likely to target physical entities, such as hospitals and utilities, as these operations become more electronically linked.
Ahamad noted recent cases where utilities overseas have been breached, including a nuclear facility in Iran. Other utility plants in countries such as India and Kazakhstan have also been hacked into, he said.
He said "it's not clear" that countries such as Canada and the United States have better security in place to prevent such activities. The compromises that have occurred overseas reveal a high level of sophistication on the part of the criminals, Ahamad said.
"This should not be easy to mount the attack that we're talking about," he said. "These systems are not directly connected to the Internet."
Dan Strasbourg, spokesman for Canada Health Infoway that's responsible for integrating electronic information systems across the country's health system, said threats to information security are constantly assessed.
"Threat-risk assessments help to identify the internal and external threats that a system may face and the mitigating strategies to deal with the threats," he said in an email to Postmedia News.
Officials from major utilities such as Ontario's Hydro One and Hydro-Quebec were not available for comment.
The Georgia Tech report also said "botnets," or large-scale underground networks that perform automatic functions like distributing spam and malicious software, will emerge as bigger problems next year because they are becoming more efficient and able to escape detection.
Ahamad explained that botnets function largely on computers of people who have no knowledge their systems are being used this way.
"(Hackers are) going and renting those resources out to people who want to deliver spam or mount an attack," he said.
Ahamad said the key to minimizing the damage of emerging threats is to anticipate them in advance and develop ways to combat them.
Simple measures individuals can take to lessen their exposure, he said, include turning off devices such as modems or smartphones when not in use. As well, he cautioned against clicking on unfamiliar email attachments or Internet links.