Popular social networking sites such as Twitter and Facebook, Google’s Web-based Chrome operating system, and the updated HTML 5 (hyper text markup language), are prime targets for cyber attacks in 2010, says a recent report from security firm MacAfee Inc.
Businesses, computer users and developers need to prepare for a slew of old and new security threats, said David Marcus, director of security research and communications for McAfee Labs, the security firm’s monitoring and research arm.
Marcus noted that over a span of less than two decades, people have moved from simple communications over the Internet to social networking, enjoying content-rich entertainment, engaging in individual and corporate financial transactions, as well as developing and distributing services and applications.
“The Web has become the victim of its own success,” he said. “Cyber crooks go where the people go.”
Security threats in 2010 will not be much different from the previous year, says Claudiu Popa, president, chief security officer and founder of Informatica Corp. in Toronto.
Apart from a “spam explosion”, he also foresees increased malware attacks on smartphones and hijacking of search engines.
Here is a brief rundown of some of McAfee Labs’ threat predictions for 2010:
Rogue apps rampant
Facebook, Twitter and third party applications on these sites are prime targets for cybercriminals constantly scouring for online user “hot spots.”
MacAfee predicts users will become more vulnerable to attacks that blindly distribute rogue apps across these social networks.
Marcus said attackers will continue to exploit the “viral” nature of the medium. “Criminals will take advantage of friends trusting friends to get users click on links to malware-infested sites.”
Use of abbreviated URLs on micro-blogging sites, such as Twitter, will grow in 2010. “Shortened URLs are perfect for hiding links to malicious sites, Marcus warned.
Chrome and HTML 5
Google’s much-awaited Web-based operating system, dubbed Chrome and the newly released HTML 5 standard, which promises richer Web applications will become top malware targets, the McAfee Labs report says.
Much like previous Microsoft operating systems, Google’s Chrome OS too will be a prime target for many hackers, Marcus predicts.
He said Google would need to evolve its version of Patch Tuesday for Chrome, as Microsoft instituted weekly software patches.
HTML 5 promises to enhance interoperability between desktop computers and the Internet — further pushing the bounds of cloud computing.
This phenomenon, however, has a downside, Marcus warned.
It will make many users vulnerable to new cyber threats aimed at HTML 5. Organizations and users need to ensure they are using updated software and anti-malware products, he said. Developers using HTML 5 need to build-in stronger security features into their products.
Adobe Reader and Flash will continue to be popular targets as users continue to use these client software products, which could surpass the popularity of Microsoft Office in 2010. “It really speaks to Adobe’s popularity. When you’re searching online for a document, chances are it’s a PDF you’re going to download,” said Marcus
Banking Trojans
In 2009, many cybercrooks targeted small and mid-sized businesses that had PCs infected with Trojan malware.
The cybercriminals would infiltrate the machines, and steal private client information and transaction data.
New techniques used by crooks in 2010 will involve silently interrupting a legitimate transaction to conduct unauthorized withdrawals and simultaneously checking the user’s transaction limits.
“This will enable criminals to stay below the limit and avoid detection.”
Peer-to-peer bots
Last year authorities spam numbers plummeted when authorities took down large botnets, such as Pricewert.
Mammoth botnets, such as McColo are on the way out as cybercriminals shift from a centralized control model to peer-to-peer control.
“Spamming for identity theft will continue but cybercriminals in 2010 will favour the distributed infrastructure of peer-to-peer hosting,” said Marcus.
With a single central device controlling the entire botnet, it becomes easier to implement protection, noted James Quin, senior research analyst at London, Ont.-based Info-tech Research Group.
For example, by writing a firewall rule that blocks outbound communications with the address of the central command server, infected devices can be effectively removed from a botnet and be cleaned.
“A distributed control model makes this type of protection significantly more complex as communications must be blocked with a potentially vast number of devices,” Quin said.
The best defence against peer-to-peer botnets is use of up-to-date anti-malware software and rigorous systems patching to ensure infection doesn’t occur in the first place, he said.
What businesses can do
Businesses that make security a top priority are more likely to survive an attack, said Ben Sapiro, research director for security practices at Telus Security Labs.
He said measurement and awareness are two of the most important strategies to improve a firm’s information security capabilities.
For instance, relevant and standardized metrics that take into account satisfaction, compliance and audit issues should be used by the business’ senior management, while technical measurements such as patch management should be assigned to IT staff, he said.
Popa of Informatica agrees.
“There is no substitute for visibility and real-time monitoring when it comes to defusing security threats,” he said.
Marcus of MacAfee Labs also cautions businesses to use due diligence when installing software and choosing providers.
“Never deploy new apps just for the sake of rolling out something new,” he said. “Always investigate if it serves a justifiable purpose and will not negatively affect security and business operations.”
A company should also ensure its software or apps provider can provide security as well as 24/7 availability for the business and its clients.
