Skip to main content

The Future of Malware | News

The future of Malware | News from “”

Future of MalwareSecurity breaches look set to bet worse as hacker groups target smartphones and social media and release more information online. Jeff Vance reports.

Personal information leaked online is becoming an all too common occurrence. For example, Sony suffered a massive breach of its PlayStation Network earlier this year that led to the theft of names, addresses and possibly credit-card data belonging to 77 million users.
If you think the situation is bad now, just wait. Things will get worse as more information is dumped online by mischievous hacker groups such as Anonymous, and cybercriminals begin to target smartphones and social media.
In August, AntiSec (a collaboration between Anonymous and the disbanded LulzSec group) released more than 10GB of information from 70 US law-enforcement agencies. According to Todd Feinman, CEO of DLP vendor Identity Finder, AntiSec wasn’t motivated by money.
“AntiSec doesn’t like how various law-enforcement agencies operate and it’s trying to embarrass and discredit them,” he said.
But, he added, what it doesn’t realize is that when it publishers sensitive persona information, it’s helping low-skilled cybercriminals commit identity theft. Every week, another government department or business has its records breached – some 250,000 to 500,000 each year, estimated Feinman. Few details from those breaches are published online for all to see, however.
While certain high-profile attacks, such as the one on Sony, are intended to embarrass and spark change, the US law-enforcement breach could represent a shift in hacker thinking. AntiSec’s motivations appear to have a key difference, with the attackers consciously considering collateral damage as a strategic weapon. According to Feinman, AntiSec wrote online; “We don’t care about collateral damage. It will happen, and so be it.”

Social Networking

Facebook Malware
Experts say the future of malware is more about how potential victims will be targeted than how it will be engineered. Collateral damage won’t be limited to innocents compromised through no fault of their own.
Have you ever accepted a friend request on Facebook or connected to someone on Linkedin you don’t know? Perhaps you thought it was someone from school you’d forgotten about, or a former colleague whose name had slipped your mind. Not wanting to seem rude, you accepted them as a friend and quickly forgot about it. “When people make trust decisions with social networks, they don’t always understand the ramifications. Today, you are far more knowable by someone who doesn’t know you than ever,” said Kr Hugh Thompson, program chair of RSA Conferences.
We all know people who discuss everything they do on a social network or blog, from eating their breakfast to clipping their toenails. While most of us consider these people a nuisance and may hide their status updates, cybercriminals love them.
“Password-reset questions are easy to guess, and tolls such as, while not created for this purpose, provided hackers with useful information,” said Thompson.
There are a few areas he believes the IT security industry needs to concentrate on: security for social media, ways to manage the information shared about you, and better methods for measuring evolving risks.

Enterprise Targets

mobile malware and your businessFake security software is the most common type of social-engineering attack that researchers at Blue Coat Systems come across. Chirs Larsen, head of the lab, explained that social network’s aren’t being used only to target individuals.
Larsen outlined a recent attack attempt where hackers targeted executives of a major corporation through their spouses.
The chances were at least one of the businessmen would have a poorly secured home PC that he shared with his non-tech-savvy wife. This would provide the backdoor needed to gain access to the company.
“Whaling is definitely on the rise,” said Paul Wood, senior intelligence analyst for “Just a couple years ago, we saw one or two of these sorts of attacks per day. Today, we catch as many as 80.”
According to Wood, social engineering is by far the most potent weapon in the cybercriminal’s toolbox (automated, widely available malware and hacking toolkits are number two). Combine that with the fact that many senior executives circumvent IT security because they want the latest and trendiest devices, and cybercriminals have many valuable, easy-to-hit targets in their sights.
“Attacks on small businesses are increasingly dramatic because they are usually the weakest link in a larger supply chain,” said Wood.
There’s no sure way to defend against this. Until companies start scrutinizing the cyber-security of their partners and suppliers, they can’t say with any certainty whether or not they themselves are secure. While it’s common for large firms to keep a close eye on their suppliers, with factory visits that result in the implementation of an array of ‘best practices’, companies aren’t doing this when it comes to cyber-security.

Smartphone Threats

AndroidMalwareSmartphone threats are on the rise, but we’ve yet to see a major incident. This is partly due to platform fragmentation. Malware creators still get better results by targeting PCs or websites.
Larsen believes that platform-agnostic, web-based worms represent the new frontier of malware. Platform-agnostic malware lets legitimate developers do same of the heavy lifting for malware writers. As developers re-engineer sites and apps to work on a variety of devices, hackers can then target the HTML, XML, Jpegs and so on that render on any device anywhere.
Mobile phones are serving as a second identity factor for all sorts of corporate authentication schemes. Businesses that used to rely on hard tokens, such as RSA SSecureID, are moving to soft tokens, which can reside on mobile phones roaming beyond the corporation as easily as on PCs ensconced within corporate walls.
Two-factor authentication originally emerged because people couldn’t trust computers. Using mobile phones as an identity factor defeats two-factor authentication,” said Marc Maiffret, CTO of eEye Digital Security.
Today, Android is the big smartphone target, but don’t be surprised if attackers soon turn their attention to the iPhone – especially if third-party antivirus programs become more or less standard on Android devices. iPhone demographics are appealing to attackers, and security experts will tell you that Apple products are notoriously insecure.
Apple is reluctant to provide third-party security entities with the kind of platform access they need to improve the security of iPhones, iPads, MacBook Airs and so on. “Apple is very much on its own with security,” said Maiffret. “It almost mirrors late-90s Microsoft, and it’ll probably take a major incident or two to incite change.”
If we’ve learned anything about security in the past 20 years, it’s that another major incident is always looming just over the horizon. With the number of IP-connected devices climbing to anywhere from 50 billion to a Trillian in the next five to 10 years, tomorrow’s hackers could target anything from home alarms and air traffic-control systems to flood control in dams.

Popular Posts

How to Install Hp LaserJet 1320 Printer in Windows 7?

How to Install Hp LaserJet 1320 Printer in Windows 7? Is Hp LaserJet 1320 Printer compatible with Windows 7? Yes it is!

Today Windows 7 is the most popular Operating System using in Homes & Offices all over. In early days due to non-compatibility and support to many Devices (like Printers, Scanners etc.), Windows 7 was not a Primary Operating System according to Professional’s remarks. Many companies made their devices compatible to this New Operating System with updating their Software and Drivers for Devices like Printer, Scanners etc., some of other companies made brand new Devices for new operating system. But some devices were far behind due to non-compatibility with Windows 7, and users were waiting for new release of drivers. Hp LaserJet 1320 is also one of the device, we still hoping from Hewlett Packard to launch updated drivers for 1320, to make it compatible with Windows 7.

Windows 10 Text Looks Blurry and Fuzzy

While I am still searching for this problem, I want to share it here so if someone can support and can give me a detailed answer. First-thing-first, I am on a low-end desktop PC, and I am not sure if the reason behind this problem is my low-end PC or Microsoft Windows 10. Yesterday I switched to Microsoft newly launched Windows 10 on my desktop PC which I am using since last few years regularly only for Office Work, particularly for Microsoft Office documents. I do know that it has only 256MB of graphics memory but I thought to give Windows 10 a chance to operate my PC. The upgrading process from Windows 7 (32bit Home Edition) to Windows 10, was itself so smooth and interesting that I feel its something special from Microsoft this time, and yes it is. Why I am talking only about graphics memory of my PC because Microsoft didn't mention any thing about required graphics card of amount of memory (as far as I read about it), and my RAM and Processor is enough sufficient to operate W…

Advanced Gadgets - Need or Trend

Surely you will be excited if you buy a new advanced featured iPhone 5 after recycling your ancient one. But is it your Need or its just for Trend?  Of course this is actually depend on your needs and requirements what you choose and why, on other hand, do this new advanced gadget suites your personality? Rarely questions these are, but we are talking about why most of people advancing to modern gadgets? Is it theirs need or just its a trend? Regarding to many survey reports and discussions, most of people using smartphones or even a camera phone for photo-shoot obviously, it means that a camera phone is your need somehow, but buying a smartphone for photo-shoot is either a trend. Using advanced featured gadgets is very good if it fulfils your needs and the way you will use it, but for trend I should say its just waste of money. No doubt that an advanced and latest technology device gives you more features including security benefits and more reliability as well as user friendly env…