However, in some good news, McAfee also predicts that it will be a good year for law enforcement’s fight against cybercrime, and observes that over recent years it has seen significant progress in the universal effort to identify, track, and combat cybercrime by governments worldwide.
The security firm says that next year marks a decade in the fight that international law enforcement agencies have undertaken against cybercrime, and it believes that this year the world will see many more successes in the pursuit of cybercriminals.
“Over the past decade, we’ve seen a tremendous improvement in the ability to successfully monitor, uncover, and stop cybercrime” said Jeff Green, senior vice president of McAfee. “We’re now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we’re confident that 2010 will be a successful year for the cybersecurity community.”
On the threat to social networks, McAfee says that Facebook, Twitter, and third-party applications on these sites are “rapidly changing the criminal toolkit, giving cybercriminals new technologies to work with and hot spots of activity that can be exploited.”
And, according to McAfee users will become “more vulnerable to attacks that blindly distribute rogue apps across their networks,” and cybercriminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously.
CONTINUED page 2
The use of abbreviated URLs on sites like Twitter make it even easier for cybercriminals to mask and direct users to malicious Web sites, according to McAfee, and the company predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2010.
• Web evolution will give cybercriminals new opportunities to write malware, says McAfee, adding that the release of Google Chrome OS and the technological advancements of HTML 5 will continue to shift user activity from desktop to online applications, “creating yet another opportunity for malware writers to prey on users,” with HTML 5’s anticipated cross-platform support also providing an additional motivation for attackers, enabling them to reach users of many mainstream browsers.
• McAfee also predicts that banking Trojans and email attachments delivering malware will rise in volume and sophistication, and it warns that banking Trojans, having demonstrated new tactics in 2009, will become even more sophisticated in 2010 and easily get around current protections used by banks.
According to McAfee, new techniques include a Trojan’s ability to silently interrupt a legitimate transaction to make an unauthorized withdrawal and simultaneously check the user’s transaction limits to stay below them and avoid alerting the bank. Email attachments, a longstanding delivery method for malware, will continue to rise in volume and increasingly target corporations, journalists, and individual users.
• Cybercriminals continue to target Adobe Reader and Flash, McAfee says, and the company saw an increase in attacks targeting client software last year. McAfee also says that due to the growing popularity of Adobe applications, it expects that cybercriminals will continue to target Adobe products, primarily Acrobat Reader and Flash, expecting Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010.
• Finally, McAfee says that Botnets, the versatile infrastructure that launches nearly every type of cyberattack from spamming to identity theft, will continue to use a “seemingly infinite supply of stolen computing power and bandwidth around the globe.”
CONTINUED page 3
This year, McAfee also says it expects to see a significant adoption of peer-to-peer control, “a distributed and resilient botnet infrastructure, rather than the centralized hosting model that we see today.”