Smartphones, Twitter, Facebook Face Emerging Cyber Threats

Growing sophistication of botnets, pervasive mobile devices and social networking, and threats to physical systems could be the key cyber threat issues in 2011.

Botnet

Botnets are collections of software agents that run automatically to compromise large numbers of machines for malicious activity including spreading spam, stealing log-in credentials and personal information or distributing malware to others.

According to the latest cyber threat report from Georgia Tech Information Security Center (GTISC), traditional forms of security such as signature-based antivirus become ineffective as malware numbers continue to climb.

"Cyber criminals now have automated tools capable of releasing very large volumes of malware with extreme variety and sophisticated features," said Wenke Lee, a professor at the Georgia Tech College of Computing.

According to McAfee, the first six months of 2010 was the most active half-year ever for total malware production. Today, automated analysis technologies are being used to keep up with this volume, but according to Lee, they lack the precision needed to decipher purposely compressed, encrypted and obfuscated malware.

Earlier this year, organizations including Google, Adobe and a few dozen others in the commercial sector acknowledged that they had been the victims of a highly targeted attack known as Aurora.

One way to combat the explosion of malware samples is through the use of a scalable, transparent (meaning the attackers cannot detect it) and automated analysis system to obtain actionable malware intelligence and leverage the intelligence in meaningful ways.

Mobile Threat

While more than 1.5 billion people use the Internet daily, over 4.5 billion use a cell phone every day, creating an attractive target for cyber criminals. Over the next five to ten years, this number will double or even triple, as phones become less expensive and more powerful, enabling people even in rural areas of the world without sophisticated infrastructure to easily get on the Internet.

Patrick Traynor, assistant professor at Georgia Tech's School of Computer Science, said the sheer volume of cell phone users around the world indicates a current need for proactive mobile security measures.

According to M.A.D. Partners, "Smartphones are the new computers. An estimated 2 billion of them will be deployed globally by 2013."

Traditionally, phones have been so diverse that it was difficult for cyber criminals to effectively take advantage of them. But now, majority of the phones are built on a few core operating systems including Windows, Android and Mac, making the smartphone world look more like the desktop world.

Another security issue pertaining to phones, much like computers, is that they offer so many different gateways of attack. Attackers can take advantage of smartphone users through email, Internet applications, text messaging and even through call fraud, i.e., calling users pretending to be their bank or another reputable organization and spoofing the caller ID to make the call look legitimate.

Users need to be as skeptical on their phones as they are on their computers - not giving away sensitive information to callers, being selective about which emails and text messages they open, and about which applications they install on their phones.

According to Robert Smith, CTO and co-founder of M.A.D. Partners, "The single biggest thing threatening any enterprise today on a security basis is mobile. Furthermore, mobile phone application stores are the greatest malware delivery system ever invented by man."

"Businesses should make use of available forms of protection. Further, users should not simply rely on workplace safeguards, but should also take these security technologies with them when they are not in the office," said Paul Judge, Chief Research Officer, Barracuda Networks.

Corporations therefore need to be just as vigilant about mobile security as individual users, whether it is through developing and enforcing usage policies or employing service providers that can protect their networks from mobile attacks via cloud-based security services.

Social Networking Threat

With more than 100 million accounts on Twitter and more than 500 million on Facebook, attackers are taking advantage of the social networking craze as a new medium for launching insidious attacks.

Only about 30 percent of Twitter accounts are genuine users who actively use the service on a regular basis.

In another study over the past four months, an average of 130 instances of malware were found every day simply by searching for content on popular, "trending" topics via Twitter, Google, Yahoo! and Bing. "While the issue of malware on social networking sites and popular search engines is quiet, it is consistent and happens around the clock, all day every day," said Judge.

In addition to not trusting unknown users or suspicious links on social networking sites, public would protect themselves by using services such as URL filtering, malicious JavaScript detection and URL reputation services.

Threats targeting physical systems

Once botnets and other types of malware wreak havoc on computers, there is a rising concern that the damage done could also cause the destruction and malfunction of physical systems in areas including critical infrastructure and even information technologies deployed in the healthcare sector.

While security measures and technologies for utilities are still in the early adopter phase, organizations are working hard to ensure that their utility is not the first to appear in news headlines for having their infrastructure compromised by malware.

Heath Thompson, Chief Technology Officer at Landis+Gyr, said to combat these various attack vectors, utilities must focus on end-to-end security from plant generation to the point of consumption. Basic internal security governance around the use of these systems is also critical. The ability to assess the maturity of existing assets will be a key focus area for the future.