SANTA CLARA, Calif.--()--McAfee, Inc. (NYSE:MFE) today unveiled its 2011 Threat Predictions report, outlining the top threats that researchers at McAfee Labs foresee for the coming year. The list comprises 2010’s most buzzed about platforms and services, including Google’s Android, Apple’s iPhone, foursquare, Google TV and the Mac OS X platform, which are all expected to become major targets for cybercriminals. McAfee Labs also predicts that politically motivated attacks will be on the rise, as more groups are expected to repeat the WikiLeaks paradigm.
“These platforms and services have become very popular in a short amount of time, and we’re already seeing a significant increase in vulnerabilities, attacks and data loss.”
“We’ve seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most,” said Vincent Weafer, senior vice president of McAfee Labs. “These platforms and services have become very popular in a short amount of time, and we’re already seeing a significant increase in vulnerabilities, attacks and data loss.”
McAfee Labs Threat Predictions for 2011:
Exploiting Social Media: URL-shortening services
Social
media sites such as Twitter and Facebook have created the movement
toward an “instant” form of communication, a shift that will completely
alter the threat landscape in 2011. Of the social media sites that will
be most riddled with cybercriminal activity, McAfee Labs expects those
with URL-shortening services will be at the forefront. The use of
abbreviated URLs on sites like Twitter makes it easy for cybercriminals
to mask and direct users to malicious websites. With more than 3,000
shortened URLs per minute being generated, McAfee Labs expects to see a
growing number used for spam, scamming and other malicious purposes.
Exploiting Social Media: Geolocation services
Locative
services such as foursquare, Gowalla and Facebook Places can easily
search, track and plot the whereabouts of friends and strangers. In just
a few clicks, cybercriminals can see in real time who is tweeting, where
they are located, what they are saying, what their interests are, and
what operating systems and applications they are using. This wealth of
personal information on individuals enables cybercriminals to craft a
targeted attack. McAfee Labs predicts that cybercriminals will
increasingly use these tactics across the most popular social networking
sites in 2011.
Mobile: Usage is rising in the workplace, and so will attacks
Threats
on mobile devices have so far been few and far between, as
“jailbreaking” on the iPhone and the arrival of Zeus were the primary
mobile threats in 2010. With the widespread adoption of mobile devices
in business environments, combined with historically fragile cellular
infrastructure and slow strides toward encryption, McAfee Labs predicts
that 2011 will bring a rapid escalation of attacks and threats to mobile
devices, putting user and corporate data at very high risk.
Apple: No longer flying under the radar
Historically, the
Mac OS platform has remained relatively unscathed by malicious
attackers, but McAfee Labs warns that Mac-targeted malware will continue
to increase in sophistication in 2011. The popularity of iPads and
iPhones in business environments, combined with the lack of user
understanding of proper security for these devices, will increase the
risk for data and identity exposure, and will make Apple botnets and
Trojans a common occurrence.
Applications: Privacy leaks—from your TV
New Internet TV
platforms were some of the most highly-anticipated devices in 2010. Due
to the growing popularity among users and “rush to market” thinking by
developers, McAfee Labs expects an increasing number of suspicious and
malicious apps for the most widely deployed media platforms, such as
Google TV. These apps will target or expose privacy and identity data,
and will allow cybercriminals to manipulate a variety of physical
devices through compromised or controlled apps, eventually raising the
effectiveness of botnets.
Sophistication Mimics Legitimacy: Your next computer virus could be
from a friend
Malicious content disguised as personal or
legitimate emails and files to trick unsuspecting victims will increase
in sophistication in 2011. “Signed” malware that imitates legitimate
files will become more prevalent, and “friendly fire,” in which threats
appear to come from your friends but in fact are viruses such as
Koobface or VBMania, will continue to grow as an attack of choice by
cybercriminals. McAfee Labs expects these attacks will go hand in hand
with the increased abuse of social networks, which will eventually
overtake email as a leading attack vector.
Botnets: The new face of Mergers & Acquisitions
Botnets
continue to use a seemingly infinite supply of stolen computing power
and bandwidth around the globe. Following a number of successful botnet
takedowns, including Mariposa, Bredolab and specific Zeus botnets,
botnet controllers must adjust to the increasing pressure cybersecurity
professionals are placing on them. McAfee Labs predicts that the recent
merger of Zeus with SpyEye will produce more sophisticated bots due to
improvements in bypassing security mechanisms and law enforcement
monitoring. Additionally, McAfee Labs expects to see a significant
botnet activity in the adoption of data-gathering and data-removal
functionality, rather than the common use of sending spam.
Hacktivism: Following the WikiLeaks path
Next year marks a
time in which politically motivated attacks will proliferate and new
sophisticated attacks will appear. More groups will repeat the WikiLeaks
example, as hacktivism is conducted by people claiming to be independent
of any particular government or movement, and will become more organized
and strategic by incorporating social networks in the process. McAfee
Labs believes hacktivism will become the new way to demonstrate
political positions in 2011 and beyond.
Advanced Persistent Threats: A whole new category
Operation
Aurora gave birth to the new category of advanced persistent threat
(APT)— a targeted cyberespionage or cybersabotage attack that is carried
out under the sponsorship or direction of a nation-state for something
other than pure financial/criminal gain or political protest. McAfee
Labs warns that companies of all sizes that have any involvement in
national security or major global economic activities should expect to
come under pervasive and continuous APT attacks that go after email
archives, document stores, intellectual property repositories and other
databases.
For a full copy of the 2011 Threat Predictions report from McAfee Labs, please visit: http://www.mcafee.com
About McAfee
McAfee, headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee secures your digital world. http://www.mcafee.com
NOTE: McAfee is a registered trademark or trademark of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided for information only and are subject to change without notice. They are provided without warranty of any kind, expressed or implied.
Facebook
Twitter
LinkedIn
Delicious
Reddit
StumbleUpon
Digg
MySpace
Newsvine
Google Bookmark
Yahoo! Bookmark
Email
Email 
