Cyber Threats to Watch Out for in 2010

Security is a huge part of the job for most IT administrators. We’re always striving to protect our organizations from the latest barrage of viruses, worms, and other malware. With 2009 over, what types of threats could we face in the year ahead? The recent 2010 Threat Predictions report from McAfee (News – Alert) pegs a few different areas to watch out for in 2010.

Social networks will be one key breeding ground for cyber attacks, says McAfee. As sites like Twitter and Facebook (News – Alert) continue to grow in popularity, especially among the business crowd, cyber crooks will increasingly employ their usual bag of tricks to try to ensnare users.

A site like Facebook can be especially vulnerable as many people will implicitly and unthinkingly trust any “invitation” from their friends. But as McAfee points out, that next invite to play a cool game or run an interesting application from a Facebook friend could be a fake app created by a cybercriminal designed to infect your PC. We’ve already seen such malware attacking Facebook, such as the infamous Koobface worm that first reared its ugly head about a year ago.

Personally, I’ve just about stopped playing games, filling out quizzes, and running most applications in Facebook. I’ve never been comfortable with the way a Facebook app needs to gain access to your personal information in order to run. That’s always seemed like an open vulnerability that could easily allow the wrong people to learn too much about you. Now McAfee’s reminder that these apps are also a way to spread malware is something IT admins and Facebook users should keep in mind.

Another area to watch out for is the use of URL shorteners, popular on social networking and bookmarking sites. Services like bit.ly and tinyurl.com shorten URL strings so they can fit in smaller spaces, such as the 140-character limit imposed by Twitter. But you can’t preview a shortened URL, so you don’t know where it’s going to take you until the page pops up. This makes it easy for cyber crooks to point these URLs to pages that could deliver malware.

Microsoft (News – Alert) apps have traditionally been a popular target for malware writers. But that “honor” may switch over to Adobe this year. As Adobe Reader and Flash have become more prevalent, they’ve also become more of a target for cybercriminals. Adobe Reader in particular has been hit by security holes over the past year, forcing Adobe to take a more active role in keep its app properly patched.

Other threats that McAfee sees in its crystal ball for 2010:

Banking trojans designed to grab your financial account information may become more advanced. Already in 2009, they showed off the ability to sneak past some of the protections currently used by banks. McAfee warns that this year they may be able to silently interrupt transactions and even make withdrawals without being detected.

E-mail attachments will also continue to grow as a primary means of spreading malware. McAfee believes that these attachments could even target specific audiences, such as corporations, journalists – not good news on my end – and individuals.

Botnets, which are responsible for carrying out cyberattacks, will also increasingly use peer-to-peer networking to hop from one computer to another without a central base of operations. Such a strategy will make it more difficult for security professionals to track them down.

So how do you prepare yourself for the potential threats that lie ahead? Well, naturally since McAfee wrote the report, the company would like you to buy its own security software to protect your users. And McAfee does offer software with certain capabilities, such as the ability to scan shortened URLs. The company also recently struck a deal with Facebook to provide Facebook users with a free six-month subscription to its security software.

But any good security suite or application would be your first line of defense in protecting you and your users from the coming threats. It goes without saying that choosing and using the right software and keeping it updated is critical, no matter what security software you deploy. Also, make sure that you keep your organization’s PCs updated with the latest patches from Microsoft to protect the operating system, office suite, and browser.

But beyond the right software, user education is vital. Make sure your users are aware of the latest threats and realize that their actions can have consequences. They need to think twice before opening a file attachment or downloading an application that could expose them and your business to malware. Though 2010 may bring its own share of cyber threats like any other year, protecting your organization and your users is the best role you can play.

Popularity: 4% [?]

Social Networks Potential targets for Cybercriminals reports McAfee Inc

Facebook, Twitter, basically social networking sites are potential targets for the cybercriminals in the year 2010, reports, McAfee Inc, world’s largest dedicated security technology.

McAfee said, that the blowup of apps on Facebook and other services will be a perfect vector for cybercriminals, who will take advantage of friends relying friends to click links they might otherwise treat carefully. Web users rely on friends and trust them as the link is send to them by their friends and family.

There are 350 million users of Facebook and that is a fairly target-rich environs. McAfee has also admonished that URL shorteners, like those used to fit Twitter’s 140-character limit, make the cyber criminal’s task even easier.

Symantec in its recent report on 2010 threats, said, URL shortening services will “become the phisher’s best friend.”

McAfee also reported that the release of Google Chrome OS and the technological advancements of HTML 5 will go on to shift user activity from desktop to online applications, creating yet another opportunity for malware writers to prey on users.

The growing popularity of Adobe applications will give an opportunity to cybercriminals to target Adobe products, primarily Acrobat Reader and Flash, two of the most widely deployed applications in the world, McAfee lab anticipated.

Consumer’s online banking will be the major threat on financial sites and is probable to increase in 2010.

McAfee Labs also forebodes 2010 will be a good year for law enforcement’s fight against cybercrime.

Jeff Green, Senior Vice President of McAfee Labs said in the press statement, that over the past decade, they have seen an enormous advancement in the ability to successfully monitor, reveal, and stop cybercrime. “We’re now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we’re confident that 2010 will be a successful year for the cybersecurity community.”

Popularity: 28% [?]

Kerala gets stronger in fighting cyber crime

Stepping up its combat against cyberpunks, Kerala police has decided to set up cyber cells in all districts, state DGP Jacob Punnoose said today.

The state government has already provided Internet connectivity in all police stations. So the move comes as a logical next step for the government. “Cyber cells alone are not sufficient, we should have cyber crime fighting tools and interaction facilities with other states. Everyday new forms of cyber crimes are being discovered,” Punnoose told reporters.

Speaking after inaugurating the national seminar organised by the City Police to mark the Cyber Safety Day, he also said police personnel should change their attitude and be technologically competent to fight the cyber crimes.

He further said that cyber training facility for police personnel would be started in the near future.

Popularity: 2% [?]