Botnet attacks get smarter
Cyber crime is altering the security threat landscape and current anti-virus solutions are not enough to combat security threats alone.
This is according to Alex de Graaf, McAfee senior manager of sales engineering, emerging markets, EMEA.
He provided a 2011 security threat forecast during the ITWeb Security Summit, at the Sandton Convention Centre.
De Graaf said 2011 will see more hackers using advanced persistent threats and targeted attacks to steal information for black market sale.
Targeted attacks and advanced persistent threats are advanced direct attacks using zero-day attacks and customised malware, according to De Graaf.
These threats look for the weakest link within an organisation's network or PC. De Graaf pointed out the end-user is generally the weakest link within an organisation.
“Around 55 000 different pieces of new malware are being created each day, and anti-virus alone is not enough. We need different solutions.
“Today everyone is using a mobile device and [McAfee] sees mobile malware threats are up 46% year-on-year. In addition, mobile device loss and data leakage remain top concerns for businesses and consumers,” said De Graaf.
He predicted 2011 will see an increase in advanced persistent threats as well as botnets and targeted attacks.
“Gemini is the first Android malware in the world that displays botnet-like capabilities.
“Once Gemini is installed onto a user's phone, it receives commands from a server to control the phone. It can then command the phone to send location coordinates, access information, and promote the user to install or uninstall apps.”
De Graaf explained 2011 will see more applications being targeted. “Attacks on Adobe products now far outweigh that of Microsoft products.
“McAfee counted 214 992 pieces of malware aimed at vulnerabilities on Adobe Acrobat and Reader last year.”
He added that botnets are being designed to attract less attention in order to operate undetected.
“Smaller botnets will attract less attention. In addition, new malware is exploiting social networks by gathering information.
“A new sophisticated malware dedicated to financial fraud will replace Zeus and SpyEye during the first six months of 2011.”
De Graaf said hackers are forming organised groups and are driving advanced persistent threats targeting SMEs, municipalities and individuals by continuously infecting computers for financial gain.
He noted: “In October 2010, Operation Trident Breach saw 60 criminals charged and 10 arrested. The cyber thieves infected computers with a Zeus Botnet that captured passwords and account numbers. This scheme resulted in the attempted theft of $220 million.”