Password Theft, Video Files Top List of Security ThreatsBy Matt Hines | Posted 2006-11-29 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
McAfee researchers predict that password theft, malware delivered via video-sharing technologies and attacks aimed at mobile devices will be among the most significant problems tackled by IT administrators over the next 12 months.
McAfee's Avert Labs research group on Nov. 29 released its annual report on the Top 10 security threats likely to grow in severity during the coming year, highlighting expectations for continued professionalism among malware code writers and a range of attacks on emerging technology platforms in 2007.
The trend toward malware writers and online fraudsters who bring a high level of professionalism to their work will dominate the IT threat landscape, according to Dave Marcus, security research and communications manager at McAfee Avert Labs.
Long gone are the days of script kiddies who created attacks almost purely for sport. They have been replaced by organized networks of code writers who conduct quality assurance tests on their malicious code and offer software updates to the people using their programs to steal money from businesses and end users.
As a result, the threats that Santa Clara, Calif.-based McAfee expects to arrive during 2007 will exhibit a growing sophistication in the methods they employ in attempting to hide themselves in seemingly legitimate applications, and in finding ways to garner sensitive personal and financial information, Marcus said.
Along those lines, McAfee researchers said that the volume and variety of Web sites built to steal users' information, such as in phishing schemes, will continue to proliferate. Many of those sites will offer counterfeit sign-in pages designed specifically to mimic the Web interfaces used by popular sites such as eBay.
Unwanted spam e-mail continues to serve as the primary delivery method for many phishing attacks and so-called botnet programs, and the security company is expecting the quantity of the unsolicited messages to rise again over the next year, much as they have during 2006.
Another source of threats projected to increase during 2007 is the use of "potentially unwanted programs" to serve up adware onto users' PCs. Those programs typically identify themselves as helpful or entertaining applications, only to serve as a backdoor for other unsolicited code, such as spyware and software used to assail computers with pop-up advertisements.
McAfee contends that the use of botnet programs by hackers to carry out other crimes will also continue to grow, as the model allows code writers to distribute their attacks over widely dispersed systems, making it harder for users to detect their presence and for law enforcement officials to track down cyber-criminals. Botnets involve programs hidden on multiple computers that are secretly used to carry out other forms of attacks.
Read the full story on eWEEK.com: Password Theft, Video Files Top List of Security Threats.