Mobile threats to increase, says McAfee

Howard Solomon

11 years ago

There’s a certain inevitability in IT security predictions: Things are only going to get worse.

That, of course, is because Internet crime pays, and pays well, so why should miscreants give it up?

So McAfee Labs’ annual threat predictions report, issued Wednesday, contains few surprises for IT and security administrators. As they must know by now, it’s vital to keep on top of patches and updates.

Still, it is interesting to note that McAfee believes the hactivist group Anonymous will be “less politically visible” this year that before because its “level of technical sophistication has stagnated” and its tactics against potential victims – governments and corporations – are allegedly better known by now.

Meanwhile, McAfee believes, countries will be more frequent actors and victims of
cyberthreats. While so-called “patriot groups” self-organized into cyberarmies have had little impact up until this point, their actions will improve in sophistication and aggressiveness. State-related threats will increase and make the headlines while suspicions about government-sponsored attacks will grow, says McAfee..
Other predictions include:

—More mobile malware:
That includes ransomware that locks up a smart phone or tablet until a price is paid.

Watch for a new mobile worm to go on a major shopping spree in 2013.
The Android/Marketpay. A is a Trojan horse program that buys apps without user permission. In 2013, cyber-crooks will take this malware’s app-buying payload and add it to a mobile worm so attackers won’t need victims to install a piece of malwarem says McAfee.

Looking forward to near-field communications (NFC) for touch and go purchases? They’re an easy target for cyber-thieves, says McAfee, which predicts attackers will create mobile worms with NFC capabilities to steal money via the “bump and infect” method, most commonly used in areas with dense populations like airports and
malls.

—Crimeware and hacking-as-a-service expand
Cybercriminals are notorious for going onto public forums to make business deals with other criminals to offer not only software, but also hacking-as-a-service. As the number of invitation-only criminal forums requiring registration fees is increasing to make forums more secure and anonymous, these offers will be easier to find on the Internet in 2013, says McAfee.

It beleives Citadel will become the Trojan of choice among cybercriminals — with the recent release of Citadel Rain, the Trojan can now dynamically retrieve configuration files, enabling a fraudster to send a targeted payload to a single victim or a selection of victims. Detection will become more difficult as the footprint on the endpoint is minimal until the attack actually occurs.

— Big-Scale attacks increase
Recently, McAfee Labs has seen several attacks in which the only goal
was to cause as much damage as possible — a behaviour that is expected to grow exponentially in 2013. If attackers can install destructive malware on a large number of machines, the results can be devastating.

To keep a business running, production networks and Supervisory Control and Data Acquisition (SCADA) industrial control systems should remain completely separate from the normal network to prevent it from getting hit in the first place, McAfee advises.

McAfee is a division of Intel Corp.

RELATED CONTENT

Websense lists 7 security threats for 2013

Hacker rampage reportedly tied to Anonymous