Innovation is usually a positive word, ascribed to the efforts of organizations to improve profitability and productivity.

Regretably, creators of IT threats are expected to be even more innovative in 2014 than they were this year, according to Doug Cooke, director of sales engineering at McAfee Canada.
“As the technology evolves hackers look at different things,’ he said in an interview as McAfee released its 2014 threat prediction report.

“Instead of a ‘spray and pray’ approach (to distributing malware) they’re being much more targeted” including going after critical infrastructure.

Here are McAfee’s seven predictions for the coming year:

–Always ready to follow the money, the bad guys will continue turning their efforts towards mobile malware. It was the fastest growing trend this year, Cooke added. “Ransomware” – malware that takes over your device and won’t let go until you pay for a so-called fix — will move to mobile operating systems. Also, as near field communications (NFC) – the capability to swipe a mobile device by a scanner for payment – spreads, it will increasingly be looked at as an attack vector.

The vehicles will be traditional – users clicking on a link.

Enterprises should be warned: With an increasing number of mobile devices tolerated within organizations, dealing with mobile-based threats will be something to be prepared for.

–Virtual currencies like bitcoin, ripple, litecoin and others will be “the vehicle of choice hackers will use when attempting to fleece people of their money – including through ransomware.

Why? Because digital currencies provide cybercriminals with so-far unregulated and anonymous payment structures.

–“Hackers are getting smart,” Cooke said. When they create a new piece of malware it gets targeted, making it harder for security companies to get examples of it and build a defence. That’s one reason why sandbox defences are increasing, he said. Hackers are responding with malware that doesn’t execute in a sandbox, which can defeat an intrusion protection scanner. Malware evasion techniques will be quite sophisticated.

–Social media-based threats will increase. Think of the botnet on Facebook that scraped up user passwords. Attackers will also increasingly try using Facebook for phishing attacks to get unsuspecting people to click on links for changing passwords or give out personal information. Linkedin will also be a target.

Related Articles

Social engineering tricks U.S. security agency into baring all

There have been weekly reports of the alleged omnipotence of U. S. intelligence agencies, giving to the impression they are on the leading edge of offensive IT security. Apparently, however, at least one

Published on: October 31st, 2013 Howard Solomon @itworldca

Advanced threat software to become $1.7B market: IDC

The increasing use of stealthy malware for highly targeted attacks will push the development of anti-advanced threat software into a market worth more than $1.7 billion by 2017, according to a recent report by

Published on: August 19th, 2013 nestor e. arellano @itworldca

– HTML 5 is rapidly being used by more organizations for Web-based content. New PC attacks will exploit vulnerabilities created in part by inexperienced coders. And cybercriminals will also go after BIOS systems and storage devices.

–It wouldn’t be an IT story if cloud computing didn’t get mentioned. Guess what – cloud based corporate applications will also be increasingly targeted. After all, hypervisors are ubiquitous.

Related Download
Sponsor: Cisco
Cisco Secure Mobility Knowledge Hub
This Knowledge Hub provides an end-to-end look at what it takes to discover, plan, and implement a successful Secure Mobility strategy.
Learn More