16 January 2014

Mobile security to take a hammering in 2014: McAfee Labs

Expect to receive viruses and other nasty things via social platforms like Facebook, Twitter and Instagram, not just through the computer, but also on your phone. McAfee Labs, the global source for threat research, threat intelligence, and cybersecurity thought leadership, expects threats in 2014 to surface in more areas than ever, especially through the mobile platform. 

According to the company's annual 2014 Predictions Report, released at the end of December 2013, the trends through its proprietary McAfee Global Threat Intelligence (GTI) service point to virtual currencies such as Bitcoin fuelling the growth of ransomware* across all platforms, including mobile.

“With target audiences so large, financing mechanisms so convenient, and cyber-talent so accessible, robust innovation in criminal technology and tactics will continue its surge forward in 2014,” said Vincent Weafer, Senior VP, McAfee Labs. 

McAfee Labs foresees the following trends in 2014:

1. Mobile malware* will drive growth in both technical innovation and the volume of attacks in the overall malware “market” in 2014. In the last two quarters reported, new PC malware growth was nearly flat, while appearances of new Android samples grew by 33%. 

With businesses and consumers continuing their shift to mobile, McAfee Labs expects to see ransomware aimed at mobile devices, attacks targeting near-field communications (NFC) vulnerabilities, and attacks that corrupt valid apps to extract data without being detected.

2. Virtual currencies will fuel malicious ransomware attacks around the world. Virtual currencies provide cybercriminals with a conveniently unregulated and anonymous payment infrastructure through which to collect money from victims. Currencies such as Bitcoin will enable and accelerate new generations of ransomware such as the Cryptolocker threat of 2013.

3. Criminal gangs and state actors will deploy new stealth attacks that will be harder than ever to identify and stop. There will be broad adoption of advanced evasion techniques, such as the use of sandbox*-aware attacks that do not fully deploy unless they believe they are running directly on an unprotected device. 

4. Social platforms, such as Facebook and Twitter, will be used more aggressively to target the finances and personal information of consumers, and the intellectual property and trade secrets of business leaders. Such information can be used to target advertising or perpetrate virtual or real-world crimes.

5. In 2014, new PC attacks will exploit application vulnerabilities in HTML5, a standard which allows websites to come alive with interaction, personalisation, and rich capabilities. On the mobile platform, McAfee Labs is predicting attacks that will breach the browser’s “sandbox” and give attackers direct access to the device and its services. Cybercriminals will increasingly target vulnerabilities below* the operating system, in the storage stack and even in the BIOS*.

6. In 2014, security vendors will continue to add new threat-reputation services and analytics tools that will enable them and their users to identify stealth and advanced persistent threats faster and more accurately than can be done today with basic “blacklisting”* and “whitelisting”* technologies.

7. Deployment of cloud-based corporate applications will create new attack surfaces that will be exploited by cybercriminals. Because they lack sufficient leverage to demand security measures in line with their organisational needs, small businesses that purchase cloud-based services will continue to grapple with security risks that are not addressed by cloud providers’ user agreements and operating procedures.


*There is a lot of functionality 'below' the operating system which controls fundamental activities such as how data is stored onto a drive, how bright your display is, and what the computer does when the power switch is pressed. This is in contrast to the activities 'above' the operating system, such as starting up software like Microsoft Office, playing music when a music file is clicked, etc.

*BIOS refers to the code that controls the chips on the motherboard.

*Blacklisting avoids everything in the blacklist as it is not approved, whereas whitelisting embraces everything in the whitelist as it is pre-approved.

*Hypervisors control how data is stored on physical machines so as to create what is known as a cloud, where data can be stored and delivered anytime, anywhere, on any device.

*Malware refers to malicious software.

*Ransomware is malicious software that causes a problem which can only be fixed by paying the hackers money.

*Sandboxes separate suspicious software from the existing system. The suspect software is tested in the sandbox, and only introduced into the system if it is found to be harmless.