Security vendor McAfee Inc. is warning of a rising security risk in 2011 in the 3,000 shortened URLs generated per minute for use on social media sites such as Twitter.
With the growing phenomenon that is social networking and instant communication, the popularity of shortened URLs in a limited character space is a ripe opportunity for cyber criminals, said Jim Galpin, Santa Clara, Calif.-based McAfee’s manager of Canadian consumer sales.
“People click on things and they really don’t know where they’re going to go, or what they’re going to get,” said Galpin.
It’s an incredibly lucrative business for hackers, who can easily drop malware on unsuspecting Twitter users in order to reap private information, said Galpin.
The challenge on the security side, said Galpin, is that the illegitimate sites and mixed in with legitimate ones. And illegitimate sites often morph to avoid detection. “It’s a constantly moving target,” he said.
IT departments can protect themselves by ensuring sufficient security investment in network devices to block potential harm, said Galpin.
The risk inherent in URL-shortening services on social media sites is just one prediction McAfee has made as part of its 2011 Threat Predictions report. Another, also pertaining to social media, is the increased hacker attention to geo-location services such as Foursquare, Gowalla and Facebook Places that track and publish the whereabouts of users.
“It gets a little scary,” said Galpin, explaining that cyber criminals can easily determine a user’s interests based on geo-location information and launch specific targeted attacks at that person.
It’s a vector attack that’s particularly alluring for well-funded organized crime, said Galpin. “The best security advice is really just being educated and know what to look for,” he said.
Social media aside, McAfee also predicts that 2011 will be the year when hackers up the ante on Mac-targeted attacks given the popularity of Apple devices such as the iPhone and iPad. So far, the primary mobile threat to Apple devices has been "jailbreaking" — when users are able to remove usage and access limitations set by Apple — but that’s about to change, said Galpin.
“It taps into the mobile platform, but it’s the growth in smart phone technology and whole proliferation of iPads and PC tablet market,” said Galpin.