McAfee warns of nine cyberthreats for 2011
Hacktivism, sophisticated email attacks, social networking attacks are all expected
Hamed Diab, regional director Middle East, McAfee says that the Middle East will be coming under nine different categories of threats in 2011, including hacktivism and social networking attacks as well as sophisticated email attacks.
McAfee is currently focusing it energy on protecting its enterprise customers from all forms of malicious attacks that will happen in the region this year.
The company's first threat prediction is that attacks through social media, especially shortened URLs, will increase exponentially.
Twitter and Facebook have created short URLs so users can easily click and share information, but the short addresses also make it easy for cybercriminals to take advantage of them and difficult for users to see where the link is really taking them.
"Facebook and Twitter have made shortened URL addresses in order to make it easy for users to connect via their services. Apparently, it is also making it easier for the cybercriminals to mask and direct users to malicious websites. We have seen about 3,000 shortened URLs per minute being generated from these sites, so basically McAfee would expect to see a growing number that use them for spam and scamming and malicious purposes," said Diab.
The second worrying prediction is the use of geolocators by cybercriminals, to not only track movements, but steal personal information and learn what operating systems and applications are being used.
Diab says geolocators such as Foursquare and Facebook Places allow criminals to track and plot your whereabouts and see your interests in just a few clicks.
"This type of wealth of personal information on individuals will also enable cyber criminals to craft targeted attacks, so we see again at McAfee that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2011," said Diab.
The third threat prediction is hacking via smartphones. While use of smartphones is thriving in the workplace, so are attacks on those smartphones, according to Diab.
"We will see an explosion of attacks on mobile devices. Both home users and corporate data are at a very high risk in 2011," said Diab.
Apple has been named as the fourth threat to a user's security and is the only brand to be specifically named in McAfee's list of serious threats in 2011. With the growing popularity of the brand, comes the growth of cyberattacks, according to Diab.
"Apple in the past has been under the radar, so we think that the targeted malware will continue to increase in sophistication in 2011 with the popularity of the iPad and iPhone in the business environment combined with a lack of security for the devices, we see a risk for data," he added.
The fifth threat is attacks via internet TV services. With the increase in internet TV, comes a higher risk of hacking by cybercriminals, while this is not prevalent yet in the Middle East, it is a worry across most of Europe and the US.
The sixth and largest threat in 2011 according to McAfee is hacking through emails. Cybercriminals are getting smarter and more sophisticated and malware may not be hidden in an obvious spam email anymore.
"What we have seen is that the major vector of threats is coming via emails. Malicious content disguised in a legitimate email or file to trick users or victims, is going to increase in sophistication in the methodology and forms of manipulation in 2011.What we call designed malware which imitates legitimate files will become very prevalent," said Diab.
McAfee says these email attacks will go hand-in-hand with the increased abuse of social networking and eventually social networking crime will even overtake email scams.
Diab warns that 2011 will see more and more sophisticated botnets, the seventh threat on the list, especially with the recent merger of Zeus and SpyEye.
New botnets are likely to be able to pass through security mechanisms.
Botnets have now also changed tactics and instead of being sent in spam, are gathered up while gathering data on the web.
Another increasing cybercrime trend is hacktivism, which is politically motivated hacking.
"We expect that hacktivism will be the new way to demonstrate political positions in 2011 and beyond," said Diab.
The most recent example of this is Wikileaks gathering data from government websites and the massive cyber protest that occurred when Julian Assange was arrested. Groups were hacking any website they believed was against Wikileaks to protest his detainment.
A more serious cyber attack is those facing companies and businesses that deal in state security or the economy. Diab predicts that these companies will be under continuous advanced persistent threats. This type of attack is a whole new category according to McAfee.
"The targeted cybertage or sabotage will be carried out under the direction or sponsorship of a nation or state rather than pure financial criminal gain or protest. We warn companies of all sizes that have any involvement in national security, all major global economic activity should expect to come under the pervasive and continuous threats that go after email archives, documents, intellectual repositories and other databases," said Diab.