Get ready for more mobile ransomware in 2014, says McAfee

Innovation is usually a positive word, ascribed to the efforts of organizations to improve profitability and productivity.

Regretably, creators of IT threats are expected to be even more innovative in 2014 than they were this year, according to Doug Cooke, director of sales engineering at McAfee Canada.
“As the technology evolves hackers look at different things,’ he said in an interview as McAfee released its 2014 threat prediction report.

“Instead of a ‘spray and pray’ approach (to distributing malware) they’re being much more targeted” including going after critical infrastructure.

Here are McAfee’s seven predictions for the coming year:

–Always ready to follow the money, the bad guys will continue turning their efforts towards mobile malware. It was the fastest growing trend this year, Cooke added. “Ransomware” – malware that takes over your device and won’t let go until you pay for a so-called fix — will move to mobile operating systems. Also, as near field communications (NFC) – the capability to swipe a mobile device by a scanner for payment – spreads, it will increasingly be looked at as an attack vector.

The vehicles will be traditional – users clicking on a link.

Enterprises should be warned: With an increasing number of mobile devices tolerated within organizations, dealing with mobile-based threats will be something to be prepared for.

–Virtual currencies like bitcoin, ripple, litecoin and others will be “the vehicle of choice hackers will use when attempting to fleece people of their money – including through ransomware.

Why? Because digital currencies provide cybercriminals with so-far unregulated and anonymous payment structures.

–“Hackers are getting smart,” Cooke said. When they create a new piece of malware it gets targeted, making it harder for security companies to get examples of it and build a defence. That’s one reason why sandbox defences are increasing, he said. Hackers are responding with malware that doesn’t execute in a sandbox, which can defeat an intrusion protection scanner. Malware evasion techniques will be quite sophisticated.

–Social media-based threats will increase. Think of the botnet on Facebook that scraped up user passwords. Attackers will also increasingly try using Facebook for phishing attacks to get unsuspecting people to click on links for changing passwords or give out personal information. Linkedin will also be a target.

— HTML 5 is rapidly being used by more organizations for Web-based content. New PC attacks will exploit vulnerabilities created in part by inexperienced coders. And cybercriminals will also go after BIOS systems and storage devices.

–It wouldn’t be an IT story if cloud computing didn’t get mentioned. Guess what – cloud based corporate applications will also be increasingly targeted. After all, hypervisors are ubiquitous.

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News