McAfee's Top Ten Security Threats for 2007 - Page 3

Dec 1, 2006

Allen Bernard

Late 2006 saw a flurry of spy-ware offerings in the mobile world. Most are designed to monitor phone-numbers and SMS call-logs, or to steal SMS messages by forwarding copies to another phone.

One spyware in particular, SymbOS/Flexispy.B, is able to remotely activate the microphone of the victim's device, allowing someone to eavesdrop upon that person. Other spyware can activate the camera. McAfee expects that the offerings of commercial spyware targeting mobile devices to grow in 2007.

Adware will go mainstream. In 2006, McAfee Avert Labs saw an increase in commercial Potentially Unwanted Programs (PUPs), and an even larger increase in related types of malicious Trojans, particularly keyloggers, password-stealers, bots and backdoors.

In addition, misuse of commercial software by malware with remotely controlled deployment of adware, keyloggers and remote control software is on the rise. However, despite the social, legal and technical challenges, there is so much commercial interest in advertising revenue models that McAfee expects to see more legitimate companies using or attempting to use advertising software in ways (hopefully) less objectionable to consumers than most current adware.

Identity theft and data loss will continue to be a public issue. According to the U.S. Federal Trade Commission, approximately 10 million Americans are victims of identity fraud each year. At the root of these crimes is often computer theft, loss of backups or compromised information systems.

While McAfee expects the number of victims to remain relatively stable, company disclosures of lost or stolen data, increasing incidents of cyberthefts and hacking into retailer, processor and ATM systems and reports of stolen laptops that contain confidential data will continue to keep this topic of public concern.

McAfee Avert Labs also predicts the unauthorized transmission of information will become more of a risk for enterprises in the area of data loss and noncompliance.

This includes loss of customer data, employee personal information and intellectual property from possible data leakage channels -- applications, networks, and even physical channels, like USB devices, printers, fax and removable storage. McAfee also expects to see an increase in archival and encryption as the data loss prevention (DLP) market matures.

Bots will increase. Bots, computer programs that perform automated tasks, are on the rise, but will move away from Internet Relay Chat (IRC)-based communication mechanisms and towards less obtrusive ones. In the last few years, there has been increasing interest within the virus-writing community in IRC threats.

his was due to the power afforded by the IRC scripting language and the ease of coordinating infected machines from a chat-room type of structure.

"Mules" will also continue to be an important aspect in bot-related money making schemes. These are work-at-home type jobs which are offered through very professional-looking websites, through classified ads, and even through instant messaging (IM).

These are a crucial part of the reason so many bots are able to be run from places around the globe. In order to get merchandise (often to resell) or cash with stolen credit card credentials, the thieves have to go through more strict regulations if the goods are going to another country. To get around these regulations, they use mules within those originating countries.

Page 3 of 4


0 Comments (click to add your comment)
Comment and Contribute

Your comment has been submitted and is pending approval.



 (click to add your comment)

Comment and Contribute

Your name/nickname

Your email


(Maximum characters: 1200). You have characters left.