Apple Set To Be Targetted By Cybercrims

  • Apple devices will be get more attention from cybercrims
  • Social media also will be targetted
  • TV apps also to be exploited

McAfee has unveiled what it believes will be the biggest threats to Cyberspace this coming year. The list comprises 2010 platforms and services, including Google’s Android, Apple’s iPhone, foursquare, Google TV and the Mac OS X platform, which are all expected to become major targets for cybercriminals. McAfee Labs also predicts that politically motivated attacks will be on the rise, as more groups are expected to repeat the WikiLeaks paradigm.

“With more users adopting social networking for both personal and business activities, they have quickly become a highly vulnerable target for cybercriminals to exploit,” said Michael Sentonas, McAfee CTO for APAC. “The popularity of social platforms and mobile devices will lead to a rapid increase in attacks putting user and corporate data at risk.”

Devices, websites, applications and companies being targetted include:

Apple: No longer flying under the radar
Historically, the Mac OS platform has remained unscathed by malicious attackers, but McAfee warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure.

Exploiting Social Media: URL-shortening services
Of the social media sites that will be most riddled with cybercriminal activity, McAfee Labs expects those with URL-shortening services will be at the forefront. The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites. With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes.

Exploiting Social Media: Geolocation services
Locative services such as foursquare, Gowalla and Facebook Places can easily search, track and plot the whereabouts of friends and strangers. In just a few clicks, cybercriminals can see in real time who is tweeting, where they are located, what they are saying, what their interests are, and what operating systems and applications they are using. This wealth of personal information on individuals enables cybercriminals to craft a targeted attack.

Mobile: Usage is rising in the workplace, and so will attacks
With the widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption, McAfee says that 2011 will bring an escalation of attacks and threats to mobile devices, putting user and corporate data at high risk.

Applications: Privacy leaksfrom your TV
New Internet TV platforms were some of the most highly-anticipated devices in 2010.  An increasing number of suspicious and malicious apps for the most deployed media platforms, such as Google TV, will start appearing. These apps will target or expose privacy and identity data, and will allow cybercriminals to manipulate a variety of physical devices through compromised or controlled apps, eventually raising the effectiveness of botnets.

Sophistication Mimics Legitimacy: Your next computer virus could be from a friend
Malicious content disguised as personal or legitimate emails and files to trick unsuspecting victims will increase in sophistication in 2011. “Signed” malware that imitates legitimate files will become more prevalent, and “friendly fire,” in which threats appear to come from your friends but in fact are viruses such as Koobface or VBMania, will continue to grow as an attack of choice by cybercriminals.

Botnets: The new face of Mergers & Acquisitions
Botnets continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including Mariposa, Bredolab and specific Zeus botnets, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. The recent merger of Zeus with SpyEye will produce more sophisticated bots due to improvements in bypassing security mechanisms and law enforcement monitoring. Expect to see a significant botnet activity in the adoption of data-gathering and data-removal functionality, rather than the common use of sending spam.

Hacktivism: Following the WikiLeaks path
2011 marks a time in which politically motivated attacks will proliferate and new sophisticated attacks will appear. More groups will repeat the WikiLeaks example, as hacktivism is conducted by people claiming to be independent of any particular government or movement, and will become more organised and strategic by incorporating social networks in the process. 

Advanced Persistent Threats: A whole new category
Operation Aurora gave birth to the new category of advanced persistent threat (APT) – a targeted cyberespionage or cybersabotage attack that is carried out under the sponsorship or direction of a nation-state for something other than pure financial/criminal gain or political protest. Companies of all sizes that have any involvement in national security or major global economic activities should expect to come under pervasive and continuous APT attacks that go after email archives, document stores, intellectual property repositories and other databases.

Leave a Reply