Top Targets for Emerging Threats in 2011

This McAfee Labs list comprises 2010’s most buzzed about platforms and services, all of which are expected to be major targets for cybercriminals in the coming year.

Exploiting Social Media: URL-shortening services
With more than 3,000 shortened URLs being generated per minute, McAfee Labs expects to see a growing number used for spam, scamming, and other malicious purposes.

Exploiting Social Media: Geolocation services
Locative services can easily search, track, and plot the whereabouts of friends and strangers. Cybercriminals can see what users are saying and where they are located in real time, as well as their interests and which operating systems and applications they are using.

Mobile: Usage is rising in the workplace, and so will attacks
2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.

Apple: No longer flying under the radar
The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure.

Applications: Privacy leaks—from your TV
New Internet TV platforms were “rushed to market” by developers, and some lack security. These apps will target or expose privacy and identity data, and will allow cybercriminals to manipulate a variety of physical devices through compromised or controlled apps.

Sophistication Mimics Legitimacy: Your next computer virus could be from a friend
Malicious content disguised as personal or legitimate emails and files to trick unsuspecting victims will increase in sophistication. “Signed” malware that imitates legitimate files will become more prevalent, and “friendly fire,” in which threats appear to come from your friends, will grow.

Botnets: The new face of Mergers & Acquisitions
Botnets continue to use a seemingly infinite supply of stolen computing power and bandwidth. McAfee Labs predicts that the recent merger of Zeus and SpyEye will produce more sophisticated bots.

Hacktivism: Following the WikiLeaks path
Politically motivated hacks will proliferate and new, more sophisticated attacks will occur. More groups, consisting of individuals claiming to be independent of any particular government or movement, will follow WikiLeaks’ lead.

Advanced Persistent Threats: A whole new category
Operation Aurora gave birth to the new category of advanced persistent threat (APT)— a targeted cyber espionage or cyber sabotage attack carried out under the sponsorship or direction of a nation-state for something other than pure financial/criminal gain or political protest.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses credit and debit card fraud on CNBC. Disclosures