Interviews

Internet threats

by Mark Rowe

Malicious IT attacks could be even more prevalent and certainly more varied in 2013, according to an internet and mobile security product company. BullGuard urges users to stay one step ahead by knowing how third parties are changing their methods of attack to more effectively target personal data.

With devices such as smartphones and tablets becoming ever more prevalent, malicious parties now have more ways to steal data, and with many users slow to adopt security measures for their new devices, it’s more important than ever to be aware of the nature of new threats.

Looking back at 2012’s tech developments, threat evolution and statistics on consumer behaviour, the product firm presents its top five threats for 2013.

Prediction #1: More mobile malware than ever before, Android the main target

With Android’s popularity booming – it is now globally the most popular operating system for smartphones and tablets with over 1 million new devices activated daily – we can expect to see it being targeted in increasing numbers in 2013. Due to Android’s open-source nature it’s easier for cybercriminals to find and exploit platform flaws, and at the same time Android apps can be put up for download on third-party stores that are poor at screening apps for suspicious behaviour. Google Play, the official Android app store, has struggled with security issues in the past and recent research shows that Google’s App Verification Service in the latest Android version, Jelly Bean, detects just 15.32 per cent of known malware compared to existing third-party apps from dedicated mobile security companies. As Android users will look for more apps to download and make their mobile lives easier and more fun, in 2013 they are more likely to run into malicious software and to get infected if they only rely on Google’s security measures.

Prediction # 2: Mobile adware will become more aggressive, flooding notification bars and invading user privacy

Smartphone and tablet users love “free” apps, but in order to produce them, developers often turn to adware in order to raise the necessary funds. Around 90pc of all free Android apps come bundled with adware, which often sends pop-up ads to the notification bar. The more aggressive kind can add icons, change browser settings and even legitimately (since an app requires certain permissions to be granted by the users before installing them) collect private information such as: email addresses, device IDs, your location, browsing habits, and even phone numbers. This information can then be sent to remote servers belonging to ad networks who can use this data for targeting purposes. While not necessarily malicious, this ad behaviour is highly invasive and next year we expect advertising companies to push even more in-app ads while trying to find ways to counter any privacy-related complaints.

Prediction # 3: Malware privacy breaches will make headlines and the online privacy debate will go to higher peaks

2012 saw a new type of malware enter the stage of data-snatching – the image-snaffling Trojan, which uploads .jpg, .jpeg and .dmp files from infected systems to a remote FTP server. Stolen images can be used in targeted attacks on important individuals for purposes such as blackmail and identity theft. If, up to now, privacy advocates have been advising web users to be careful about the photos they share on social networks, in 2013 users should also be mindful of the images they have stored on their machines and look for ways to properly secure them. In particular, apps that allow photos to be automatically uploaded to online accounts such as Facebook should be treated with particular care. Additionally, expect to see private data-harvesting social apps such as Facebook and Instagram, stealthy automated man-in-the-middle attacks and targeted attacks based on user information (IP, location, language, personal interests) gathered from various online media.

Prediction # 4: Online fraud remains rampant

All types of real-life fraud have moved to the online world. Clairvoyant scams, charity donations, fake auctions, lottery scams, fake work-from-home job offers and fake freebies are all ways for cybercriminals to con people by exploiting emotional weaknesses.

In 2013 we’re expecting to see more of one particular type of online fraud – ransomware, which combines malicious code creation with scaremongering. Usually a Trojan, ransomware is designed to restrict access to an infected system and demand that a ransom be paid to the creator of the malware in order for the restriction to be removed. Some forms encrypt files on the system’s hard drive, while others may simply lock the system and display messages to coax the user into paying via Ukash, PaySafe or other payment methods. We’re also expecting Social Media to become the main channel to deliver most of the online fraud, phishing attempts and viruses. With more and more people joining social networks, the pool of potential victims only gets larger.

Prediction #5: Mobile shopping on the rise, but not risk-free

Smartphones have become indispensable items with a multitude of useful functions and features. One of these is online shopping, and it’s easy and convenient to use your phone as an e-wallet to pay for things or go online and buy a gift for a friend and immediately have it shipped to them. As convenient as that may sound, mobile shopping is not risk-free. In 2013 mobile hacks will be rampant, mobile payment systems compromised and more Wi-fi networks exploited by criminals.

While the threats described above may sound alarming, it’s fairly straightforward for users to ensure that they are protected from these types of attacks. Being aware of the threats that exist is a good start, but this must be combined with vigilance on the part of the user in terms of protecting their personal information, and of course investment in a good mobile security suite for a handheld will prevent many of these attacks from manifesting in the first place. And if there is any doubt over the true nature of a message or the behavior of an app or website, ignore it or contact the authority in question or your internet security provider to clear up the issue.

Related News

  • Interviews

    Fire risk reminder

    by Mark Rowe

    Unoccupied and derelict premises are at risk of fires, says a fire chief, after a rise in incidents. Tyne and Wear Fire…

  • Interviews

    Call for back-up

    by Mark Rowe

    Businesses must adopt greater strategic back-up flexibility, writes John Woolley, Head of Technical Sales at the information storage contractor Iron Mountain. The…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing