McAfee Labs predicts Facebook, Twitter will be larger cyber security targets

Social networks and HTML 5 will be targets, McAfee says, adding that trojan sophistication will increase as law enforcement makes 2010 progress in cybercrime-fighting efforts.

01/04/2010


Get more 2010 McAfee Labs Threat Predictions.

 

McAfee says it provides full spectrum network defense.

McAfee says it provides full spectrum network defense.

McAfee Inc. (NYSE:MFE) 2010 Threat Predictions report says cybercriminals will target social networking sites and third-party applications, use more complex Trojans and botnets to build and execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee Labs also predicts 2010 will be a good year for law enforcement's fight against cybercrime.

"Over the past decade, we've seen a tremendous improvement in the ability to successfully monitor, uncover, and stop cybercrime," said Jeff Green, senior vice president of McAfee Labs. "We're now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we're confident that 2010 will be a successful year for the cybersecurity community."

McAfee Labs Threat Predictions for 2010 include the following.

btn_facebook.gif
- Social networks will be platform of choice for emerging threats : Facebook, Twitter, and third-party applications on these sites are rapidly changing the criminal toolkit, giving cybercriminals new technologies to work with and hot spots of activity that can be exploited. Users will become more vulnerable to attacks that blindly distribute rogue apps across their networks, and cybercriminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously. The use of abbreviated URLs on sites like Twitter make it even easier for cybercriminals to mask and direct users to malicious Web sites. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2010.

Twitter logo
- Web evolution will give cybercriminals new malware-writing opportunities : Release of Google Chrome OS and the technological advancements of HTML 5 will continue to shift user activity from desktop to online applications, creating yet another opportunity for malware writers to prey on users. HTML 5's anticipated cross-platform support also provides an additional motivation for attackers, enabling them to reach users of many mainstream browsers.

- Banking trojans and email attachments delivering malware will rise in volume, sophistication : McAfee Labs warns that banking Trojans, having demonstrated new tactics in 2009, will become even more sophisticated in 2010 and easily get around current protections used by banks. New techniques include a Trojan's ability to silently interrupt a legitimate transaction to make an unauthorized withdrawal and simultaneously check the user's transaction limits to stay below them and avoid alerting the bank. Email attachments, a longstanding delivery method for malware, will continue to rise in volume and increasingly target corporations, journalists, and individual users.

- Cybercriminals continue to target Adobe Reader, Flash : In 2009, McAfee Labs saw an increase in attacks targeting client software. Due to the growing popularity of Adobe applications, McAfee Labs expects that cybercriminals will continue to target Adobe products, primarily Acrobat Reader and Flash, two of the most widely deployed applications in the world. McAfee Labs expects Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010.

- Botnet infrastructure shifts from centralized model to peer-to-peer control: Botnets, the versatile infrastructure that launches nearly every type of cyberattack from spamming to identity theft, will continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including the McColo ISP, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. In 2010, McAfee Labs expects to see a significant adoption of peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model that we see today. For cybercriminals, the benefits will finally outweigh the costs of the peer-to-peer model, due to the security community's increasingly aggressive attempts to shut down and deny access to botnets.

- Cybercrime: A good year for law enforcement : 2010 marks a decade in the fight that international law enforcement agencies have undertaken against cybercrime. McAfee Labs has seen significant progress in the universal effort to identify, track, and combat cybercrime by governments worldwide. McAfee believes that in 2010 we'll see many more successes in the pursuit of cybercriminals.

Get more 2010 McAfee Labs Threat Predictions at: www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_predict_1209_v2.pdf

Also read from MBT :

- Dennis Brandl: Control vendors bundle anti-virus, spyware-protection with products ; and

- Multi-vendor effort seeks easier way of eradicating rogue programs .

- Edited by Mark T. Hoske, online products editor, Manufacturing Business Technology, MBT , www.mbtmag.com.





No comments
Consulting-Specifying Engineer's Product of the Year (POY) contest is the premier award for new products in the HVAC, fire, electrical, and...
Consulting-Specifying Engineer magazine is dedicated to encouraging and recognizing the most talented young individuals...
The MEP Giants program lists the top mechanical, electrical, plumbing, and fire protection engineering firms in the United States.
High-performance buildings; Building envelope and integration; Electrical, HVAC system integration; Smoke control systems; Using BAS for M&V
Pressure piping systems: Designing with ASME; Lab ventilation; Lighting controls; Reduce energy use with VFDs
Smoke control: Designing for proper ventilation; Smart Grid Standard 201P; Commissioning HVAC systems; Boilers and boiler systems
Case Study Database

Case Study Database

Get more exposure for your case study by uploading it to the Consulting-Specifying Engineer case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.

These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.

Click here to visit the Case Study Database and upload your case study.

Protecting standby generators for mission critical facilities; Selecting energy-efficient transformers; Integrating power monitoring systems; Mitigating harmonics in electrical systems
Commissioning electrical systems in mission critical facilities; Anticipating the Smart Grid; Mitigating arc flash hazards in medium-voltage switchgear; Comparing generator sizing software
Integrating BAS, electrical systems; Electrical system flexibility; Hospital electrical distribution; Electrical system grounding
As brand protection manager for Eaton’s Electrical Sector, Tom Grace oversees counterfeit awareness...
Amara Rozgus is chief editor and content manager of Consulting-Specifier Engineer magazine.
IEEE power industry experts bring their combined experience in the electrical power industry...
Michael Heinsdorf, P.E., LEED AP, CDT is an Engineering Specification Writer at ARCOM MasterSpec.