McAfee Inc. unveiled its 2010 Threat Predictions report.
McAfee Labs believes cybercriminals will target social networking sites and
third-party applications, use more complex Trojans and botnets to build and
execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee
Labs also predicts 2010 will be a good year for law enforcement’s fight against
cybercrime.
“Over the past decade, we’ve seen a tremendous improvement in the ability to
successfully monitor, uncover, and stop cybercrime,” said Jeff Green, senior
vice president of McAfee Labs. “We’re now facing emerging threats from the
explosive growth of social networking sites, the exploitation of popular
applications and more advanced techniques used by cybercriminals, but we’re
confident that 2010 will be a successful year for the cybersecurity community.”
McAfee Labs Threat Predictions for 2010:
Social Networks Will Be Platform of Choice for
Emerging Threats
Facebook, Twitter, and third-party applications on these
sites are rapidly changing the criminal toolkit, giving cybercriminals new
technologies to work with and hot spots of activity that can be exploited. Users
will become more vulnerable to attacks that blindly distribute rogue apps across
their networks, and cybercriminals will take advantage of friends trusting
friends to get users to click on links they might otherwise treat cautiously.
The use of abbreviated URLs on sites like Twitter make it even easier for
cybercriminals to mask and direct users to malicious Web sites. McAfee Labs
predicts that cybercriminals will increasingly use these tactics across the most
popular social networking sites in 2010.
Web Evolution Will Give Cybercriminals New
Opportunities to Write Malware
The release of Google Chrome OS and the
technological advancements of HTML 5 will continue to shift user activity from
desktop to online applications, creating yet another opportunity for malware
writers to prey on users. HTML 5’s anticipated cross-platform support also
provides an additional motivation for attackers, enabling them to reach users of
many mainstream browsers.
Banking Trojans, Email Attachments Delivering Malware
Will Rise in Volume, Sophistication
McAfee Labs warns that banking
Trojans, having demonstrated new tactics in 2009, will become even more
sophisticated in 2010 and easily get around current protections used by banks.
New techniques include a Trojan’s ability to silently interrupt a legitimate
transaction to make an unauthorized withdrawal and simultaneously check the
user’s transaction limits to stay below them and avoid alerting the bank. Email
attachments, a longstanding delivery method for malware, will continue to rise
in volume and increasingly target corporations, journalists, and individual
users.
Cybercriminals Continue to Target Adobe Reader,
Flash
In 2009, McAfee Labs saw an increase in attacks targeting client
software. Due to the growing popularity of Adobe applications, McAfee Labs
expects that cybercriminals will continue to target Adobe products, primarily
Acrobat Reader and Flash, two of the most widely deployed applications in the
world. McAfee Labs expects Adobe product exploitation will likely surpass that
of Microsoft Office applications in 2010.
Botnet Infrastructure Shifts from Centralized Model to
Peer-to-Peer Control
Botnets, the versatile infrastructure that launches
nearly every type of cyberattack from spamming to identity theft, will continue
to use a seemingly infinite supply of stolen computing power and bandwidth
around the globe. Following a number of successful botnet takedowns, including
the McColo ISP, botnet controllers must adjust to the increasing pressure
cybersecurity professionals are placing on them. In 2010, McAfee Labs expects to
see a significant adoption of peer-to-peer control, a distributed and resilient
botnet infrastructure, rather than the centralized hosting model that we see
today. For cybercriminals, the benefits will finally outweigh the costs of the
peer-to-peer model, due to the security community’s increasingly aggressive
attempts to shut down and deny access to botnets.
Cybercrime: A Good Year for Law
Enforcement
Next year marks a decade in the fight that international law
enforcement agencies have undertaken against cybercrime. McAfee Labs has seen
significant progress in the universal effort to identify, track, and combat
cybercrime by governments worldwide. McAfee believes that in 2010 we’ll see many
more successes in the pursuit of cybercriminals.
