2011 Security Trends: Bad Times with Refined Phishing and Mobile Apps

Cyber security will be no easier in the new year than it is now, as malware proprietors get more sophisticated in their phishing attempts, malware-as-a-service becomes the norm, and smart phones and tablets draw increased attention from cyber criminals. That's the prediction of security software vendor M86 Security, which has released a report summarizing its threat predictions for 2011.

Security experts at the company said they expect spam campaigns to increasingly mimic legitimate mail from popular Web sites. Gone will be the obvious misspellings, double exclamation points, textual spacing gaffes, and other tiny clues signaling that a message has come from a spammer instead of a legitimate mailer. Examples cited in the report include e-mail that perfectly mimics communications from Amazon, FedEx, and LinkedIn, luring users to click on a link, thereby downloading malware or delivering a malicious payload. "We observed that the headers and body templates were taken from actual LinkedIn messages," the report's authors wrote. "Therefore, it's nearly impossible for the average user to distinguish between the legitimate LinkedIn messages and the nefarious ones."

The growth of the smartphone and tablet markets is making those devices increasingly attractive to cyber bad guys, reported M86. Although both Apple and Google have a restrictive approval process for applications placed in their respective stores, both companies have begun to see more vulnerabilities in their platforms. For example, in October 2010 a group of researchers tested Android apps specifically and found that private information was being delivered without their users' knowledge. "So far, Android has seen rogue applications such as a 'Movie Player,' which secretly sends SMS messages to a premium rate number, costing the end user several dollars per message," M86 stated. "Other applications have harvested information such as a user's SIM card number and voicemail password, sending it to a server in another country."

Although mobile malware has focused on smart phones, the report's authors expect to see more illegal activity targeted to tablets in the coming year. For both types of devices, organizations may face "more pains" as users gain broader access to the wireless network. To counter potential ill effects, the company advised IT professionals to set "clearly defined policies and [put] remediation in place for usage of these devices on the corporate network."

A third trend for 2011 is the increasing use of online services that provide a one-stop-shop for malware tools. According to M86 research findings, cyber criminals are teaming up to offer their products as services alongside traditional applications. With the Neosploit kit, for example, "customers can purchase a specific Web server configuration that redirects victims' requests to a Neosploit back-end server, which is apparently handled by the NeoSploit team," the report stated.

Social networks will also grow as a target in the coming year, as will stolen digital certificates. According to Bradley Anstis, vice president of technical strategy at M86, "To outsmart the bad guys, organizations need to first understand where the threats are likely to come from, and then second define exactly what needs to be protected, and how critical it is. But just as important, they must lay out their best practice strategies and policies for proactively combating and staying ahead of the emerging security threats."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.
