The future of malware

| | Comments


It seems like there's a new data breach every day. And, the experts say, it's only going to get worse as hackers come up with new ways of getting their hands on our personal information. Here's a look at how malware is expected to evolve.

Next Prev
Next Prev yah

Collateral damage

According to Todd Feinman, CEO of DLP vendor Identity Finder, groups like Anonymous aren't motivated by money. They're trying to embarrass their targets, which include government agencies and law enforcement. But when they post sensitive personal information, they are helping a second tier of lower skilled cyber-criminals commit identity theft. "In one online post, AntiSec came right out and said 'We don't care about collateral damage. It will happen and so be it,'" Feinman says.

Next Prev yah

Facebook Timeline, anyone?

Experts say the future of malware isn't so much about how malware itself will be engineered as how potential victims will be targeted. "When people make trust decisions with social networks, they don't always understand the ramifications. Today, you are far more knowable by someone who doesn't know you than ever before in the past," says Dr. Hugh Thompson, programme chair of RSA Conferences. "Password reset questions are so easy to guess now, and tools like, while not created for this purpose, provide hackers with a war chest of useful information," Thompson says.

Next Prev yah


Chris Larsen, head of Blue Coat Systems' research lab, says the most common social engineering attack their lab catches is for fake security products. He also explained that social networks aren't just being used to target individuals. Larsen outlined a recent attack attempt where the bad guys targeted executives of a major corporation through their spouses. The logic was that at least one executive would have a poorly secured PC at home shared with a non-tech savvy spouse, which would then provide the backdoor needed to compromise the executive and gain access into the target company.

Next Prev yah

Smartphone worms

While smartphone threats are clearly on the rise, we've yet to see a major incident. Part of the reason is platform fragmentation. Malware creators still get more bang for their buck by targeting Windows PCs or websites. Larsen of Blue Coat believes that platform-agnostic, web-based worms represent the new frontier of malware. Platform-agnostic malware lets legitimate developers do some of the heavy lifting for malware writers. As developers re-engineer websites and apps to work on a variety of devices, hackers can then target the commonalities.

Next Prev yah


Smartphones are also poised to become e-wallets, and if there's one trait you can count on in cyber-criminals, it's that they're eager to follow the money. "The forthcoming ubiquity of near-field communication payment technology in smartphones is especially worrisome," says Marc Maiffret, CTO of eEye Digital Security. Europe and Asia are already deep into the shift to m-commerce, but the US isn't far behind. "Once the US adopts mobile payments in significant numbers, more hackers will focus on these targets," he adds.

Next Prev yah


During the Black Hat and Defcon conferences in early August, researchers demonstrated a number of disturbing attack scenarios. One particularly scary hack showcased the possibility of hijacking a car. Hackers could disable the alarm, unlock its doors and remotely start it through text messages sent over cell phone links to wireless devices in the vehicle.

Next Prev yah


Of course, cars represent just one example of hackable embedded systems. With the number of IP-connected devices climbing to anywhere from 50 billion to a trillion in the next 5 to 10 years, according to the likes of IBM, Ericsson and Cisco, tomorrowundefineds hackers could target anything from home alarm systems to air traffic control systems to flood control in dams.




Latest UK Updated 3:26pm

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message