7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
1/16
Report
By McAee Labs
2013 Threats Predictions
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
2/16
2013 Threats Predictions2
Table o Contents
Mobile Threats 4
Malware 5
Big-Scale Attacks 8
Citadel Trojan Zeros In 9
HTML5 10
Botnets and Spam 11
Crimeware 12
Hacktivism 14
About the Authors 15
About McAee Labs 15
About McAee 15
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
3/16
3
McAee Labs collected an immense amount o data on malware, vulnerabilities, and
threats to endpoints, networks, email, and the web in 2012. Using our Global Threat
Intelligence, we analyzed this data to block these intrusions and reduce the danger
to our customers. (For more detail, read the McAfee Threats Report: Third Quarter
2012.)1 Next year we anticipate more o the same: Cybercriminals and hacktivists will
strengthen and evolve the techniques and tools they use to assault our privacy, bank
accounts, mobile devices, businesses, organizations, and homes.
McAee Labs researchers recently debated the leading threats or the coming year. We oresee an
increase in or the introduction o the ollowing threats in 2013:
Mobile worms on victims machines that buy malicious apps and steal via tap-and-pay NFC
Malware that blocks security updates to mobile phones
Mobile phone ransomware kits that allow criminals without programming skills to extort payments
Covert and persistent attacks deep within and beneath Windows
Rapid development o ways to attack Windows 8 and HTML5
Large-scale attacks like Stuxnet that attempt to destroy inrastructure, rather than make money
A urther narrowing o Zeus-like targeted attacks using the Citadel Trojan, making it very dicult or
security products to counter
Malware that renews a connection even ater a botnet has been taken down, allowing inections to
grow again
The snowshoe spamming o legitimate products rom many IP addresses, spreading out the sources
and keeping the unwelcome messages fowing
SMS spam rom inected phones. Whats your mother trying to sell you now?
Hacking as a Service: Anonymous sellers and buyers in underground orums exchange malware kits
and development services or money
The decline o online hacktivists Anonymous, to be replaced by more politically committed or
extremist groups Nation states and armies will be more requent sources and victims o cyberthreats
2013 Threats Predictions
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
4/16
4 2013 Threats Predictions
Mobile Threats
Malware shopping spree
Once criminals discover a prot-making technique that works, theyre likely to reuse and automate it.
For example, Android/Marketpay.A is a Trojan horse program that buys apps rom an app store without
user permission. Were likely to see crooks take this malwares app-buying payload and add it to amobile worm.
Buying apps developed by malware authors puts money in their pockets. A mobile worm that uses
exploits to propagate over numerous vulnerable phones is the perect platorm or malware that buys
such apps; attackers will no longer need victims to install a piece o malware. I user interaction isnt
needed, there will be nothing to prevent a mobile worm rom going on a shopping spree.
NFC worms
Phones with near-eld communications (NFC) enabled are becoming more common. As users are able
to make tap and pay purchases in more locations, theyll carry their digital wallets everywhere. That
fexibility will, unortunately, also be a boon to thieves. Attackers will create mobile worms with NFC
capabilities to propagate (via the bump and inect method) and to steal money.
Malware writers will thrive in areas with dense populations (airports, malls, theme parks, etc.). An NFC-enabled worm could run rampant through a large crowd, inecting victims and potentially stealing rom
their wallet accounts.
Block that update!
One o the advantages that a mobile service provider (as opposed to Microsot, or example) has in
ghting malware is that once the cell company recognizes malware it can automatically push an update
to customers to clean their devices. This works on phones that have not been rooted (or unlocked) by
their owners. For mobile malware to stick around or a long time, it will have to prevent updates. Putting
an app on a store that does nothing more than download external malware which locks the phone rom
communicating with the cell provider will achieve this.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
5/16
52013 Threats Predictions
Malware
Kits lead to an explosion in malware or OS X and mobile
Given the popularity o mobile computing, we should perhaps be surprised that cybercriminals have
taken so long to extensively exploit this eld. In 2012, however, weve seen the number o mobile
threats go up dramatically. As we look at them in more detail, we see the large amount o Windows-based malware owes its existence to the easy availability o malware kits in the underground market. In
2013, there is a good chance ransomware kits will take the lead rom malware kits. We have already
seen Android and OS X as targets o ransomware. Now the rst ransomware kits are being marketed in
the underground. For the moment the kits attack only Windows systems, but this may change soon.
Ransomware continues to expand to mobile devices
Ransomware on Windows PCs has more than tripled during the past year. Attackers have proven that
this business model works and are scaling up their attacks to increase prots. One way ransomware is
dierent rom other types o malwaresuch as backdoors, keyloggers, and password stealersis that
attackers do not rely on their victims using the inected systems or nancial transactions to separate
them rom their money. Instead these criminals hijack the users ability to access data, communicate, or
use the system at all. The victims are aced with either losing their data or paying a ransom in the hope
o regaining access.
One limitation or many malware authors seeking prot rom mobile devices is that more users transact
business on desktop PCs rather than on tablets or phones. But this trend may not last; the convenience
o portable browsers will likely lead more people do their business on the go. Attackers have already
developed ransomware or mobile devices. What i the ransom demand included threats to distribute
recorded calls and pictures taken with the phone?
We anticipate considerably more activity in this area during 2013.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
6/16
2013 Threats Predictions6
New Ransomware Samples
0
50,000
100,000
150,000
200,000
250,000
Q3
2012
Q2
2012
Q1
2012
Q4
2011
Q3
2011
Q2
2011
Q1
2011
Q4
2010
Q3
2010
Q2
2010
Q1
2010
Unique Consumers Reporting Ransomware Detections (Cumulative)
AUG 1
2012
SEP 1
2012
OCT 1
2012
NOV 1
2012
JUL 1
2012
0
20,000
40,000
60,000
80,000
100,000
120,000
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
7/16
72013 Threats Predictions
Rootkits diversiy, using MBR and other bootkit techniques
The evolution o computer security sotware and other deenses on client endpoints is driving threats
into dierent areas o the operating system stack, especially or covert and persistent attackers. The
requency o threats attacking Microsot Windows below the kernel are increasing. Some o the critical
assets targeted include the BIOS, master boot record (MBR), volume boot record (VBR), GUID PartitionTable (GPT), and NTLoader. Although the volume o these threats is unlikely to approach that o simpler
attacks on Windows and applications, the impact o these complex attacks can be ar more devastating.
We expect to see more threats in this area during 2013.
Some notable below-the-kernel attacks, which have increased considerably in recent years.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
8/16
8 2013 Threats Predictions
Windows 8 the next big target
Criminals go where the money is. And i this means they have to cope with a new, more secure version
o Windows, thats just what they will do. In many cases they attack the user and not the OS. Via
phishing and other techniques users are tricked into revealing inormation or installing a malicious
program. So i you upgrade, dont rely solely on Windows to protect your system: Remain vigilant andwatch out or phishing scams.
Windows 8 should provide improved security against malware and exploits compared with earlier
versions o Windows, at least or a while. Now that the underground market or attack and malware
kits is much more competitive than three years ago, it is likely that Windows 8specic malware will
be available quicker than Windows 7specic malware appeared. Systems running the new Unied
Extensible Firmware Interace are still vulnerable to MBR-based rootkits, just as previous OS versions
were, according to one research company. On the day o Windows 8s release, the rm announced
or sale to its customers the availability o a zero-day vulnerability that circumvents all new security
enhancements in Windows 8 and Internet Explorer 10.
In spite o any faws, Windows 8 is a more secure OS, so upgrading is worth considering. Millions
still run Windows XP, which only in all 2012 was nally eclipsed in the number o its users by newer
versions o Windows.
Big-Scale Attacks
Destructive payloads in malware have become rare because attackers preer to take control o their
victims computers or nancial gain or to steal intellectual property. Recently, however, we have seen
several attackssome apparently targeted, others implemented as wormsin which the only goal was
to cause as much damage as possible. We expect this malicious behavior to grow in 2013.
Whether this is hacktivism taken to a new level, as some claim, or just malicious intent is impossible
to say, but the worrying act is that companies appear to be rather vulnerable to such attacks. As
with distributed denial o service (DDoS) attacks, the technical bar or the hackers to hurdle is rather
low. I attackers can install destructive malware on a large number o machines, then the result can
be devastating.
How can we prepare or such an incident and, more important, how can we mitigate or prevent some o
the damage? It may be necessary to plan or the worst: An inside or outside attacker who has elevated
privileges on the network or a long time could time-bomb many systems on multiple sites. This eect
is likely worse than what is covered in many disaster recovery plans, so the IT sta may have to make
some updates. The priority is to keep the business running, which is best achieved by having production
networks, SCADA systems, etc. completely separated rom the normal network, preventing them rom
getting hit in the rst place. Then there will be a massive loss o data to deal with because users just
love to store their data on their local machines. One challenge will be to reinstall thousands o machines
while ensuring that the time bomb doesnt resurace. Technologies that may prove useul include remote
management eatures that are independent o the state o the PC and its OS, but these eatures will
need to be tested beore an incident happens.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
9/16
92013 Threats Predictions
All measures to detect and block these persistent threats should also be eective against the preliminary
steps o such attacks, while the attacker tries to gain and elevate access. Remote application control
would prevent servers and key systems rom being aectedunless an attacker has already taken ull
control o the update process, which can be determined by careully monitoring who does what on the
management systems. To keep the loss o data to a minimum, a reliable network backup (and restore)
process needs to be in place, as well as backing up local data and blocking attackers rom shredding
data on shared drives and olders on the network.
Citadel Trojan Zeros In
Citadel is likely to become the Trojan o choice among cybercriminals who want the rich unctionality
o Zeus along with dedicated support. With the recent release o Citadel Rain, the Trojan can now
dynamically retrieve conguration les, enabling a raudster to send a targeted payload to a single victim
or a selection o victims. This allows thieves to compromise accounts on a one-o basis depending on
their criteria and wage attacks in a very targeted manner. Detection will become much harder because
the ootprint is minimal on the endpoint until the attack occurs. Typically Zeus attacks have been
relatively widespread. We will likely see that change in 2013 as more cybercriminals adopt Citadel Rain
and its uture variants and ocus on narrowly targeted attacks seeking the greatest possible gain.
Most Citadel inections are concentrated in just a ew populations in Europe, but we expect that number
to increase in 2013. The ollowing map shows Germany is the prime location, with more than 200
inections to date.
The Trojan Citadel is most prevalent in Western Europe, especially in Germany. We expect attacks rom this malware to
increase in 2013.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
10/16
10 2013 Threats Predictions
HTML5
HTML5 is the next version o the standard language o Internet browsers. It provides language
improvements, capabilities to remove the need or plug-ins, new layout rendering options, and
new powerul APIs that support local data storage, device access, 2D/3D rendering, web-socket
communication, and many other eatures. Today 74 percent o users in North America, 72 percent inAsia, and 83 percent in Europe use browsers that support the majority o HTML5 eatures.2 Websites are
quickly adopting HTML5 or its richer user experience. HTML5 continues the move to the browser, and
away rom the operating systems, as the platorm to run applications. HTML5-based applications are
increasing in number, with major players taking advantage o reedom rom app stores and improved
cross-browser and cross-device compatibility.
Browsers have long been one o the primary vectors or security threats, and HTML5 wont change that.
With HTML5 the threats landscape will shit and broaden. We will see a reduction in exploits ocused on
plug-ins as browsers provide this unctionally via their new media capabilities and APIs. However, HTML5
will oer other opportunities or attackers because the additional unctionality will create a larger attack
surace. Powerul JavaScript APIs that allow device access will expose the browser as websites gain direct
access to hardware.
One example is WebGL, which provides 3D rendering. Prior to WebGL, HTML content not based onplug-ins was interpreted and rendered by the browser. This provided a layer o technology between
the untrusted data on the Internet and the operating system. WebGL browsers, however, expose
the graphics driver stack and hardware, signicantly increasing the attack vectors. Researchers have
already demonstrated graphics memory thetallowing the web application to steal screenshots rom
the desktopand denial o service attacks using all popular browsers supporting WebGL and popular
graphics driver stack providers.3
One o the primary separations between a native application and an HTML application has been the
ability o the ormer to perorm arbitrary network connections on the client. HTML5 increases the attack
surace or every user, as its eatures do not require extensive policy or access controls. Thus they allow
a page served rom the Internet to exploit WebSocket unctionality and poke around the users local
network. In the past, this opportunity or attackers was limited because any malicious use was thwarted
by the same-origin policy, which has been the cornerstone o security in HTML-based products. WithHTML5, however, Cross Origin Resource Sharing will let scripts rom one domain make network requests
post data, and access data served rom the target domain, thereby allowing HTML pages to perorm
reconnaissance and limited operations on the users network.
In 2013 we will see browsers expand on HTML5 eatures and improve HTML5 compatibility. HTML5-
based applications and websites will continue to grow. Were certain that attackers will turn their
attention to nding holes in HTML5 security in 2013. The question is how quickly theyll succeed.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
11/16
112013 Threats Predictions
Botnets and Spam
Botnets call home
The biggest threat to botmasters is the unrecoverable loss o their botnets. International cooperation in
policing spam, malware, child exploitation, and illegal pills has made that loss a reality or many major
botnets over the past ew years, and will continue to threaten the prolieration o botnets. When thelargest botnets get taken down, then the next largest botnets become the new targets. Botmasters have
already reacted to this activity by subdividing botnets and increasing the costs associated with activities
that are easily detectable (such as DDoS and spam). It is only a matter o time beore botmasters
implement ail-saes to reestablish command o a botnet that has lost all o the control servers it usually
reports to.
In many cases botnets are temporarily hijacked by whitehat security researchers. Due to possible
negative side eects, however, these takeovers do not lead to new commands reaching the inected
hosts. There is a massive liability issue associated with the unauthorized remote operation o systems,
even with the best o intentions. Pushing new commands to an old Windows machine serving a hospital
could turn the PC into a brick and lead to incorrect care or even the death o a patient. Botmasters will
take advantage o this reluctance by the good guys to meddle by hardwiring their botnets to reestablish
control ater a takedown.
Snowshoe spam will continue to increase
When a shady marketing company approaches your marketing people and tells them that they have
a list o email addresses that have already opted into receiving whatever advertising you want to send
them, it should set o alarm bells. Unortunately those bells dont ring oten enough. Well-known
companies selling products rom cell phones to cigars to language-learning sotware to satellite TV to
medical supplies have all signed on with these shady advertisers. The shady companies blast out millions
and millions o blatantly illegal spam messages every day rom newly rented hosts in hosting companies
until they get evicted rom their subnets or move onater theyve turned those addresses, and
sometimes the subnets, into permanently blacklisted wastelands. (By sending rom many IPs, they spread
out the load, thus the snowshoe metaphor.) Recipients have their inboxes bombarded with these spam
messages and are unable to opt out o them.
Because this sort o activity is not as malicious as the most newsworthy hacks and malware, this areahas been mostly ignored by the authorities. Nonetheless, this practice o snowshoe spamming has
exploded during the past two years and is currently one o the biggest problems in the spam world.
Attempts by researchers to expose this sort o activity have resulted in threats o deamation lawsuits by
the companies using these shady marketers. In that environment (combined with an economy in which
marketing budgets are thin or nonexistent), this sort o activity will only continue to increase at the
breakneck pace that weve seen.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
12/16
12 2013 Threats Predictions
SMS spam rom inected phones
Cell phone providers are working to prevent SMS spam. Their primary method o receiving reports
rom consumers is or the latter to orward messages to SPAM (7726) on their phones and report the
messages so that they can be blocked. An inected phone can also send spammy text messages; then
the victims ace the problem o having their accounts closed by the providers. We expect to see pilladvertising or phishing lures delivered by SMS in 2013.
Crimeware
Hacking as a Service
For a long time, cybercriminals have attended public orums to discuss and make business deals
with other criminals. In these meetings, they not only oer sotware or sale but also services. Highly
proessional cybercrooks, however, see these orums as a waste o time (they are ull o newbies),
a loss o condentiality (each deal needs direct contact with the client, who could be an undercover
agent), and a loss o money (as the purchaser attempts to negotiate a lower price). For these reasons,
the number o invitation-only criminal orums requiring registration ees and/or guarantors (vouchers)
has increased.
This trend will continue, but to improve anonymity without discouraging buyers, online sales sitesmodeled on legal trade activities will grow in 2013. On these sites, buyers can make their choices at the
click o a mouse, use an anonymous online payment method (such as Liberty Reserve), and receive their
purchases without any negotiations or direct contact with the seller.
The shopping cart o a buyer looking or crimeware.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
13/16
132013 Threats Predictions
More secure and anonymous, these oers will be easier to nd on the Internet. They will also be more
diversied. We have already started to see high-level audit services and oers or project development
or cybercriminals.4
The number o suspicious outts claiming to sell zero-day attacks or the sale o spying services reserved
or the sole use o governments or secret services will grow. It will be dicult to separate the wheatrom the cha, or to ascertain real activities and real customers.
An advertisement or hacking as a service.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
14/16
14 2013 Threats Predictions
Hacktivism
The decline o Anonymous
Sympathizers o Anonymous are suering. Too many uncoordinated and unclear operations have been
detrimental to its reputation. Added to this, the disinormation, alse claims, and pure hacking actions
will lead to the movements being less politically visible than in the past. Because Anonymous level otechnical sophistication has stagnated and its tactics are better understood by its potential victims, the
groups level o success will decline. However, we could easily imagine some short-lived spectacular
actions due to convergence between hacktivists and antiglobalization supporters, or hacktivists
and ecoterrorists.
Anonymous is just one aspect o hacktivism. Another more powerul orce is people with strong
political motivation and high availability over a long term. An excellent example o this was the support
or the uprising in Libya, as explained in the story Power People 2.0, published in April 2012 by
MIT Technology Review.5 And to support the actions o these activists, the Telecomix group, not to be
conused with Anonymous, contributed its high-level hacking techniques. Thanks to all o these people,
their actions were signicant. Actions like these should be more visible in the uture whenever a people
will promote a cause that hacktivists consider just.
Meanwhile, patriot groups sel-organized into cyberarmies and spreading their extremist views will
fourish. Up to now their eorts have had little impact (generally deacement o websites or DDoS or
a very short period), but their actions will improve in sophistication and aggressiveness. They will ght
among themselves, certainly, but their avorite targets will be our democratic societies each time we
denounce the extremist governments they support.
Nation states and armies will be more requent actors and victims o cyberthreats
Many o the worlds military units are on the ront line o social networks. They communicate more
and more requently. Proessional orums such as CompanyCommand and proessional wikis involve
the development o online collaborative work.6 Furthermore, military operations use the Internet or
emailing, social networking and, unortunately, visiting dubious websites. All o these elements will
increase the possibilities o inltration and unintentional inormation leakage.
Experts are no longer reluctant to predict national responsibility in military and industrial espionageor precision attacks that cause physical damage, as in the case o Stuxnet or Shamoon. State-related
threats will increase and make the headlines. Suspicions about government-sponsored attacks will
grow. Using zero-day vulnerabilities and sophistical malware, some o these attacks may be considered
advanced persistent threats, while others will involve conventional malware.
In January 2012, the Atlantic Council o the United States published a spectrum to help analysts in
assigning responsibility or a particular attack or campaign o attacks.7 Using ten categories based on
whether a nation ignores, abets, or conducts an attack, this spectrum starts rom a very passive up to
very active responsibility. We predict this measurement tool will be eective in 2013 to judge the actions
o nations ranging rom employing insecure systems that lead to an attack to nations that plan and
execute one.
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
15/16
152013 Threats Predictions
Even i they have never launched a cyberattack against noncombatant targets, some terrorists are also
Internet ans. They use the web to communicate, recruit, disseminate propaganda, seek unding, search
or inormation on people and targets, and prepare their assaults. We can read o numerous examples in
various reports, among them The Use o the Internet or Terrorist Purposes, published by the United
Nations Oce on Drugs and Crime.8
The next step could be a combination cyber-physical attack: anonline attack carried out in conjunction with a physical attack. I a group can remotely disrupt a critical
inrastructure, such as a deense or communications system, a conventional attack could more easily
cause more damage. We have no evidence that such a terrorist event will occur in 2013, but today our
ears o one are not just antasy.
About the Authors
This report was prepared and written by Xiao Chen, Toralv Dirro, Paula Greve, Prashant Gupta, Haiei Li,
William McEwan, Franois Paget, Craig Schmugar, Jimmy Shah, Ryan Sherstobito, Dan Sommer, Bing
Sun, Peter Szor, and Adam Wosotowsky o McAee Labs.
About McAee Labs
McAee Labs is the global research team o McAee. With the only research organization devoted to all
threat vectorsmalware, web, email, network, and vulnerabilitiesMcAee Labs gathers intelligence
rom its millions o sensors and its cloud-based service McAee Global Threat Intelligence. The McAee
Labs team o 500 multidisciplinary researchers in 30 countries ollows the complete range o threats
in real time, identiying application vulnerabilities, analyzing and correlating risks, and enabling instant
remediation to protect enterprises and the public. http://www.mcaee.com/labs
About McAee
McAee, a wholly owned subsidiary o Intel Corporation (NASDAQ:INTC), is the worlds largest dedicated
security technology company. McAee delivers proactive and proven solutions and services that help
secure systems, networks, and mobile devices around the world, allowing users to saely connect to the
Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence,
McAee creates innovative products that empower home users, businesses, the public sector, and serviceproviders by enabling them to prove compliance with regulations, protect data, prevent disruptions,
identiy vulnerabilities, and continuously monitor and improve their security. McAee is relentlessly
ocused on constantly nding new ways to keep our customers sae. http://www.mcaee.com
7/29/2019 McAfee 2013 Threats Predictions (Cyber War)
16/16
2821 Mission College Boulevard
Santa Clara, CA 95054
888 847 8766
1 http://www.mcaee.com/us/resources/reports/rp-quarterly-threat-q3-2012.pd2 http://arstechnica.com/inormation-technology/2012/08/orrester-report-urges-html5-adoption-says-most-browsers-can-support-it/
http://www.orrester.com/The+Coming+O+HTML5/ulltext/-/E-RES703413 http://www.contextis.com/research/blog/webgl-new-dimension-browser-exploitation/4 http://blog.xmco.r/index.php?/page/25 http://www.technologyreview.com/eaturedstory/427640/people-power-20/6 http://companycommand.army.mil/index.htm7 http://www.acus.org/les/publication_pds/403/022212_ACUS_NatlResponsibilityCyber.PDF8 http://www.unodc.org/documents/rontpage/Use_o_Internet_or_Terrorist_Purposes.pd
The inormation in this document is provided only or educational purposes and or the convenience o McAee customers. The inormation
contained herein is subject to change without notice, and is provided as is, without guarantee or warranty as to the accuracy or applicability
o the inormation to any specifc situation or circumstance.
McAee, the McAee logo, and McAee Global Threat Intelligence are registered trademarks or trademarks o McAee, Inc. or its subsidiaries in
h i d S d h i h k d b d b l i d h h C i h
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2012.pdfhttp://arstechnica.com/information-technology/2012/08/forrester-report-urges-html5-adoption-says-most-browsers-can-support-it/http://www.forrester.com/The%2BComing%2BOf%2BHTML5/fulltext/-/E-RES70341http://www.contextis.com/research/blog/webgl-new-dimension-browser-exploitation/http://blog.xmco.fr/index.php%3F/page/2http://www.technologyreview.com/featuredstory/427640/people-power-20/http://companycommand.army.mil/index.htmhttp://www.acus.org/files/publication_pdfs/403/022212_ACUS_NatlResponsibilityCyber.PDFhttp://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdfhttp://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdfhttp://www.acus.org/files/publication_pdfs/403/022212_ACUS_NatlResponsibilityCyber.PDFhttp://companycommand.army.mil/index.htmhttp://www.technologyreview.com/featuredstory/427640/people-power-20/http://blog.xmco.fr/index.php%3F/page/2http://www.contextis.com/research/blog/webgl-new-dimension-browser-exploitation/http://www.forrester.com/The%2BComing%2BOf%2BHTML5/fulltext/-/E-RES70341http://arstechnica.com/information-technology/2012/08/forrester-report-urges-html5-adoption-says-most-browsers-can-support-it/http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2012.pdf