How Mobile Computing, Not Windows Desktop, Will Transform Cybercrime

As mobile devices become more ubiquitous, they and not the Windows desktop will become Ground Zero for attacks and exploits.

According to some industry analysts, the sun is starting to set on Microsoft Corp.'s Windows franchise. The fat-client desktop computer is yielding to "skinny" devices, with thin-client form-factors -- be they mobile phones, smartphones, tablet computers, or other non-traditional client devices -- attracting cyberattacks.

From an enterprise security perspective, this is both a good and a bad thing.

The bad, of course, is that most enterprises are still woefully unprepared to manage -- much less, to secure -- the coming generation of skinny mobile devices. With industry watchers such as International Data Corp. (IDC) projecting that shipments of smartphones and tablet computers will outstrip those of conventional PCs by 2012, you can bet that IT organizations will rush pell-mell to right this wrong. Many have already done so.

The good news is that as mobile devices become more ubiquitous, they -- and not the tried-and-true Windows desktop -- will become Ground Zero for attacks and exploits.

That's the conclusion of a new survey from security and anti-virus specialist Kaspersky Lab, which says that the decline of Microsoft's Windows monoculture will radically transform both the scope and the practice of cybercrime.

"The defining feature of the next decade will be the end of Windows' domination of user operating systems. Though Microsoft's brainchild will remain the primary business platform, everyday users will have access to an ever-expanding variety of alternative operating systems," write researchers in Kaspersky's "Cybercrime Outlook 2020" forecast.

"Notably, even now the number of devices accessing the Internet via Windows and non-Windows platforms are almost the same, with the latter even occasionally exceeding their Microsoft counterparts."

The most immediate upshot is that cybercriminals will increasingly target mobile platforms. There's another wrinkle here, however: Kaspersky doesn't foresee any single platform achieving the dominance of Microsoft's Windows monoculture. As a result, cybercriminals will have to choose between two distinct options, and because the economics of targeting a single Windows monoculture are both more practicable and potentially more lucrative than targeting an array of mobile operating platforms, Kaspersky researchers expect that Windows will remain a popular cracking target.

"The growing number of new operating systems will affect the process of threat creation: cybercriminals will not be able to create malicious code for large numbers of platforms. This leaves them with two options: either target multiple operating systems and have many individual devices under their control, or specialize in Windows-based attacks on corporations," they write.

"The second variant will probably appeal to them more -- by 2020, targeting individual users will become much more complex because the emerging trend of making payments electronically and using online banking will continue, but biometric user identification and payment protection systems will become the norm."

For this reason, Kaspersky expects cybercriminals to flock to different camps.

"Cybercrime in 2020 will almost assuredly divide into two groups. One group will specialize in attacks on businesses, sometimes to-order. Commercial espionage, database theft, and corporate reputation-smearing attacks will be much in demand on the black market," the report forecasts.

In addition to Windows, Kasperspy researchers expect that Unix -- which has reliably been ceding market share to Windows and Linux in its bread-and-butter enterprise space -- will still be around, too.

"Hackers and corporate IT specialists will confront each other on the virtual battlefield," they write. "State anti-cybercrime agencies will probably be involved in the process too and will have to deal predominantly with Windows platforms, in addition to the latest versions of traditional *nix systems."

comments powered by Disqus