Tech security company McAfee is forecasting that social media platforms, mobile devices and Apple products will be the focus of cybercriminals in 2011.
As the threats landscape has changed considerably in the past year, McAfee Labs has seen marked increases in malware sophistication and targeting as well as a continued increase in the overall volume of daily malware threats. The firm has also begun to see some very significant changes in the types of threats that aim at Apple iPhones and other mobile devices.
McAfee Labs released its predictions of the threats of the upcoming year and beyond at its McAfee Threat Predictions report released Tuesday.
Exploiting Social Media
In 2010 McAfee saw some significant changes in how both malicious code and malicious links are distributed. This year ended with some of the lowest global email spam levels in years, as more and more users transition from "slower" legacy communications such as email in favor of more immediate methods such as instant messaging and Twitter. This shift will completely alter the threat landscape in 2011, McAfee said.
McAfee expects to see increasingly more targeted abuses of personal identity and data. Social media connections will eventually replace email as the primary vector for distributing malicious code and links. The massive amount of personal information online coupled with the lack of user knowledge of how to secure this data will make it far easier for cybercriminals to engage in identity theft and user profiling than ever before. Spear phishing - targeted phishing attacks - will move to Twitter and like technologies because choosing users and groups to exploit through these channels is simple, the security firm add
Two related areas of social media will also attract attention next year: short URLs and locative technologies.
McAfee Labs expects to see short URL abuse invade all other forms of Internet communications. The firm is currently tracking and analyzing - through multiple social media applications and all URL shortening services - more than 3,000 shortened URLs per minute.
More Internet users at all levels are adding global positioning system (GPS) information to their social media updates so their friends and colleagues can see where they are. Many locative services also offer users badges and rewards to increase their popularity. There's no trick to imagining how cybercriminals and scammers can potentially leverage this information: With locative services such as foursquare, Gowalla, and Facebook Places you can easily search, track, and plot the whereabouts of friends and strangers. Use Bing's mapping functionality, for example, and plot all the GPS-enabled tweets in an area. It is easy to correlate these by topic or area of interest. In just a few clicks
cybercriminals can see in real time who is tweeting and where, what they are saying, what their interests are, and the operating systems and applications they are using. It then becomes child's play to craft a targeted attack based upon what the bad guys have just learned from these services.
"The fact that these services allow anyone to see and track individuals and groups - including their likes and dislikes, affiliations and interests - and then act on them in Internet time will make this topic a huge focus for cybercriminals and scammers in 2011 and beyond," McAfee said.
Threats to mobile devices have been a hot topic within the security community for several years; McAfee expects attacks to erupt at any time, yet they never quite seem to happen. Nonetheless, McAfee Labs
predicts that 2011 will be a turning point for threats to mobile devices. This year McAfee saw many new, but low-prevalence, threats to mobile devices: rootkits for the Android platform, remote "jailbreaking" exploits for the iPhone, and the arrival of Zeus (a well-known banking Trojan/botnet).
Apple's Mac OS X platform is a favorite target of the whitehat and blackhat communities. Whitehats have been poking at the Mac for a long time looking for vulnerabilities. Although historically not a frequently targeted platform by malicious attackers, the Mac operating system is very widely deployed. McAfee Labs saw malware of increasing sophistication that targets Mac this year and expects this trend to increase in 2011. The popularity of iPads and iPhones in business environments and the easy portability of malicious code between them could put many users and businesses at risk next year and beyond.
"We anticipate threats of data and identity exposure will become more pronounced. The lack of user understanding regarding exposure on these platforms and the lack of deployed security solutions make a fertile landscape for cybercriminals. McAfee Labs expects to see botnets and Trojans move from a rare encounter to a more common occurrence on Apple platforms in 2011," teh security firm added.
McAFee's thread report also described the drawbacks of the application-centric world we live in. The drawback
to that world lies in the portability of our apps among mobile devices and the coming Internet TV platforms, which combined will make threats from vulnerable and malicious apps a major concern for
2011. In addition to malicious code, McAfee Labs expects to see apps that target or expose privacy and identity data. This danger will eventually lead to data exposure and threats through new media platforms such as Google TV.
"Platforms that have undersupervised models of app development and distribution are particularly at risk. This haste to sell insecure products will eventually lead to more app-centric privacy and data attacks in 2011," McAFee said.
McAfee Labs has already seen the move toward application-controlled botnets this year in Twitter and LinkedIn and expects this to become the norm in 2011 and beyond, as application deployment and use
becomes more ubiquitous.
Sophistication Mimics Legitimacy
This year we saw an increase in the sophistication of some threats. "Signed" malware that imitates legitimate files will become more prevalent in 2011, McAFee said. This will cause an increase in stolen keys as well as the techniques and tools to forge fake keys to use in these types of attacks.
"Friendly fire" - in which threats appear to come from your friends - from social media such as Koobface and VBMania will continue to grow. This will go hand-in-hand with the increased abuse of social networks, which will eventually overtake email as a leading attack vector.
McAFee also expects to see an increase in "smart bomb" attacks, those designed to trigger under certain conditions but not others. These threats require victims to follow the designated attack path - thwarting honeypots, crawlers, and security researchers - while greatly impacting designated and vulnerable
Botnets continue to be one of the greatest and most sophisticated threats McAfee Labs faces and McAFee expects to see more data exfiltration capabilities in the coming years. Botnets that employ FaceBook and Twitter will expand their scope to include popular social networking sites such as foursquare, Xing, Bebo, Friendster, and others. The growing populations and business
use of these sites is something that cybercriminals simply cannot ignore. McAfee Labs also expects to see more integration of location-based functions within botnets as GPS features continue to become more widespread.
New kinds of sophisticated attacks
will also appear. Information theft, stolen and then disclosed to discredit political opponents, will certainly increase, McAFee added. More groups will repeat the Wikileaks example, as hacktivism is conducted by people claiming to be independent of any particular government or movement. "We expect that social networks will be used more often to bring hacktivism into play next year," McAfee said. "Just as cybercrime has moved from isolated individuals (able to create a piece of malware) to unstructured groups (able to launch a DDoS), we expect to see much more and stronger organization and structure within hacktivist groups in 2011."