McAfee Labs predicts Facebook, Twitter will be larger cyber security targets
Social networks and HTML 5 will be targets, McAfee says, adding that trojan sophistication will increase as law enforcement makes 2010 progress in cybercrime-fighting efforts.
McAfee Inc. (NYSE:MFE) 2010 Threat Predictions report says cybercriminals will target social networking sites and third-party applications, use more complex Trojans and botnets to build and execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee Labs also predicts 2010 will be a good year for law enforcement's fight against cybercrime.
"Over the past decade, we've seen a tremendous improvement in the ability to successfully monitor, uncover, and stop cybercrime," said Jeff Green, senior vice president of McAfee Labs. "We're now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we're confident that 2010 will be a successful year for the cybersecurity community."
McAfee Labs Threat Predictions for 2010 include the following.
- Social networks will be platform of choice for emerging threats : Facebook, Twitter, and third-party applications on these sites are rapidly changing the criminal toolkit, giving cybercriminals new technologies to work with and hot spots of activity that can be exploited. Users will become more vulnerable to attacks that blindly distribute rogue apps across their networks, and cybercriminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously. The use of abbreviated URLs on sites like Twitter make it even easier for cybercriminals to mask and direct users to malicious Web sites. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2010.
- Web evolution will give cybercriminals new malware-writing opportunities : Release of Google Chrome OS and the technological advancements of HTML 5 will continue to shift user activity from desktop to online applications, creating yet another opportunity for malware writers to prey on users. HTML 5's anticipated cross-platform support also provides an additional motivation for attackers, enabling them to reach users of many mainstream browsers.
- Banking trojans and email attachments delivering malware will rise in volume, sophistication : McAfee Labs warns that banking Trojans, having demonstrated new tactics in 2009, will become even more sophisticated in 2010 and easily get around current protections used by banks. New techniques include a Trojan's ability to silently interrupt a legitimate transaction to make an unauthorized withdrawal and simultaneously check the user's transaction limits to stay below them and avoid alerting the bank. Email attachments, a longstanding delivery method for malware, will continue to rise in volume and increasingly target corporations, journalists, and individual users.
- Cybercriminals continue to target Adobe Reader, Flash : In 2009, McAfee Labs saw an increase in attacks targeting client software. Due to the growing popularity of Adobe applications, McAfee Labs expects that cybercriminals will continue to target Adobe products, primarily Acrobat Reader and Flash, two of the most widely deployed applications in the world. McAfee Labs expects Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010.
- Botnet infrastructure shifts from centralized model to peer-to-peer control: Botnets, the versatile infrastructure that launches nearly every type of cyberattack from spamming to identity theft, will continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including the McColo ISP, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. In 2010, McAfee Labs expects to see a significant adoption of peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model that we see today. For cybercriminals, the benefits will finally outweigh the costs of the peer-to-peer model, due to the security community's increasingly aggressive attempts to shut down and deny access to botnets.
- Cybercrime: A good year for law enforcement : 2010 marks a decade in the fight that international law enforcement agencies have undertaken against cybercrime. McAfee Labs has seen significant progress in the universal effort to identify, track, and combat cybercrime by governments worldwide. McAfee believes that in 2010 we'll see many more successes in the pursuit of cybercriminals.
Also read from MBT :
- Edited by Mark T. Hoske, online products editor, Manufacturing Business Technology, MBT , www.mbtmag.com.