Network Security

McAfee Says Beware of Ransom-Ware Attacks in 2013

McAfee Says Beware of Ransom-Ware Attacks in 2013
January 2, 2013 7:54AM

Bookmark and Share
Due to many uncoordinated and unclear operations and false claims, McAfee predicts the Anonymous hacktivist movement will slow down in 2013. Anonymous' level of technical sophistication has stagnated and its tactics are better understood by its potential victims, and as such, the group's level of success will decline, McAfee said.

APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.

Cybercriminals will focus even more on mobile devices in 2013, but Anonymous attacks will decline. So says McAfee's 2013 Threat Predictions report.

"Cybercriminals and hacktivists will strengthen and evolve the techniques and tools they use to assault our privacy, bank accounts, mobile devices, businesses, organizations and homes," said Vincent Weafer, senior vice president of McAfee Labs. "Only by understanding and preparing for threats can we empower people to secure their information."

Mobile Threats Rising

The number of mobile threats increased dramatically in 2012, as ransom-ware expanded into mobile devices. McAfee predicts the development and deployment of increasingly sophisticated ransom-ware technologies that will "lock up" a phone or tablet and threaten to keep it that way until a ransom is paid, will be a prominent trend in 2013.

The security firm says users have no way of knowing if their device will be unlocked even if they do meet the perpetrator's demands. Since attackers hijack the users' ability to access data, McAfee said, victims will be faced with either losing their data or paying a ransom in the hope of regaining access.

McAfee also pointed to a new mobile worm it expects will go on a major shopping spree in 2013. The Android/Marketpay.A Trojan horse program buys apps without user permission. In 2013 cyber-crooks will take this malware's app-buying payload and add it to a mobile worm so attackers won't need victims to install a piece of malware, the firm predicted.

And it seems mobile phones with NFC-enabled "digital wallets" are an easy target for cyber-thieves. McAfee expects attackers to create mobile worms with NFC capabilities to steal money via the "bump and infect" method, most commonly used in areas with dense populations like airports and malls.

The Decline of Anonymous

Due to many uncoordinated and unclear operations and false claims, McAfee predicts the Anonymous hacktivist movement will slow down in 2013. Anonymous' level of technical sophistication has stagnated and its tactics are better understood by its potential victims, and as such, the group's level of success will decline. While hacktivist attacks won't end in 2013, if ever, they are expected to decline in number and sophistication.

"Nation-states and armies will be more frequent actors and victims of cyberthreats. Patriot groups self-organized into cyberarmies have had little impact up until this point, but their actions will improve in sophistication and aggressiveness," the report said. "In 2013, many more of the world's military units will be on the front line of social networks communicating more frequently. State-related threats will increase and make the headlines, while suspicions about government-sponsored attacks will grow."

McAfee also noted how cybercriminals are notorious for going onto public forums to make business deals with other criminals to offer not only software, but also hacking as a service. As the number of invitation-only criminal forums requiring registration fees is increasing to make forums more secure and anonymous, the firm predicts these offers will be easier to find on the Internet in 2013.

"Citadel will become the Trojan of choice among cybercriminals -- with the recent release of Citadel Rain, the Trojan can now dynamically retrieve configuration files, enabling a fraudster to send a targeted payload to a single victim or a selection of victims," the report said. "Detection will become more difficult as the footprint on the endpoint is minimal until the attack actually occurs."

Tell Us What You Think
Comment:

Name:

Maureen Robinson:

Posted: 2013-01-14 @ 12:41am PT
Great article! There isn't a security threat that you can think of that some security company's marketing literature doesn't promise a solution for. But despite the zeal of marketers and the production of many great security solutions, there are still many threats to enterprise IT that simply cannot be offset, mitigated or prevented by a single technology solution. There also is a lot of misinformation out there that makes for uninformed security professionals and software developers. It's not uncommon to hear things like "well, I run a web vulnerability scanning tool that catches the majority of vulnerabilities", or "my Web Application Firewall mitigates any security holes in my applications" or "the frameworks we use prevent developers from writing insecure code." I cringe when I hear this because I know from experience that tools, frameworks and technologies can only automate, protect, and sandbox your software applications so much. Here's a great article on what tools, technologies and best practices can and cannot protect against: http://blog.securityinnovation.com/blog/2012/12/securing-application-it-systems-what-tools-technologies-and-best-practices-can-and-cannot-protect-ag.html. Hope you find it useful!



 Network Security
1. Juniper DDoS for High-IQ Networks
2. Big DDoS Attacks Hit Record in 2014
3. U.N.: Nations Hide Digital Snooping
4. Can Google Stop Zero Day Flaws?
5. Google Hacker Team to Hunt Bugs




 Most Popular Articles
1. Experts Say Four Threats Put Internet Freedom at Risk
2. Review: Warming Up to Tablets with Keyboard Covers
3. Gartner Rates Security Solutions in Annual Magic Quadrant Report
4. Android SMS Worm Lets Bad Actors Cash In
5. Aerohive Helps Retailers Engage In-Store Customers

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Lenovo Still in Small Windows Tablets
  How Chrome Eats Your Battery Life
  Cisco Woos More Devs with DevNet
  Investor Wants EMC To Spin Off VMware
  Schools Buy Million Chromebooks in Q2

 Technology Marketplace
Big Data
Unlock your enterprise data's potential. Learn how in the research report.
Are you getting everything you can out of your business data?
 
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
CIO Issues
Secure and retain skilled technology professionals. Learn how.
 
Cloud Computing
Are you getting everything you can out of your business data?
 
Data Storage
Unlock your enterprise data's potential. Learn how in the research report.
 
Enterprise Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Enterprise I.T.
Register for an upcoming ISACA® certification exam today
Secure and retain skilled technology professionals. Learn how.
 
Enterprise Software
Unlock your enterprise data's potential. Learn how in the research report.
 
Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Network Security
Protect your network with APC Smart-UPS battery backup