McAfee Labs Threat Predictions outlines Top Security Issues for 2015


mcafee-logo-150x150Intel Security has released its McAfee Labs 2015 Threat Predictions, outlining expected increased attacks on Internet of Things (IoT) devices as we move our lives to the cloud, more impactful on ransomware attacks on mobile platforms and a balanced public debate on data retention and privacy as the government struggles to define ‘fair and authorised’ access to personal information.

“2014 will be remembered as ‘the Year of Shaken Trust,'” said Mike Sentonas, VP and CTO – McAfee Security Connected, Intel Security. “Across the world, an unprecedented amount of cyber attacks forced some of the most well-known global organisations to rethink their approach to cyber security, pushing the issue further into the public spotlight as consumer confidence was shaken.”

“This had a tremendous impact on Australian consumers and organisations in 2014, and restoring trust in 2015 will require stronger industry collaboration, new standards for a new threat landscape, and new security postures that shrink tim-to-detection through the superior use of threat data. Ultimately, we need to get to a security model that’s built-in by design and seamlessly integrated into every device at every layer of the computing stack,” concluded Sentonas.

Amongst global predictions for 2015, McAfee Labs has identified the top five concerns for Australians:

1. Attacks against IoT Devices are already common place, from IP cameras with weak security controls to smart meters with basic encryption flaws. Unless security controls are built-in to their architectures from the beginning, the rush to deploy IoT devices at scale will outpace the priorities of security and privacy. This rush and the increasing value of data gathered, processed and shared by these devices will draw the first notable IoT paradign attacks in 2015.

The increasing proliferation IoT devices in environments such as health care could provide malicious parties access to personal data even more valuable than credit card data. For instance, according to the McAfee Labs report entitled ‘Cybercrime Exposed: Cybercrime-as-a-Service’, the cybercrime community currently values stolen health credentials at around $10 each, which is about 10 – 20 times the value of a stolen U.S credit card number.

2. Data privacy will remain under attack as governments and businesses continue to grapple with what is fair and authorised access to personal information. The data retention bill introduced into parliament in late October will be further scrutinised as the Australian government and public look to find where privacy and security can work together effectively.

“While the debate is still raging over ‘privacy versus security’, the government is leaning towards the point that there is a loss in privacy which has to happen to be more secure,” said Sentonas. “The reality is that you do not need to accept less of one to get more of the other.”

He continues “We need to be very careful to not lose sight of the outcome and confuse ‘liberty versus control’, which is what is being argued in place of ‘security versus privacy’. This is a debate that needs to happen in order to get public support, not a decision that is made and pushed out.”

3. As predicted last year, McAfee Labs once again expects a rise in ransomware targeting mobile devices as phones and tablets hosting personal data make for attractive targets to malware authors. With mobile platforms supporting a myriad of unregulated payment methods, in 2015 attackers will find multiple avenues to extract ransom payments from victims to release their encrypted data. The most common example in 2014 would be the Cryptolocker Trojan, which has been using phishing emails to masquerade as legitimate entities such as Australia Post and the NSW Office of State Revenue, to encrypt user files and demand ransom to unlock them.

McAfee Labs also predicts that ransomware variants that manage to evade security software installed on systems that subscribe to cloud-based storage solutions.

4. As a continuation on mobile device threats, attacks are expected to grow rapidly as new mobile technologies expand the attack surface and little is done to stop app-store abuse. McAfee Labs expects to see a development in the capability of mobile users in protecting themselves from malware as users start to receive the message and view it as a major concern to their personal data security.

5. Point of Sale (POS) attacks will remain lucrative, and a significant upturn in consumer adoption of digital payment systems on mobile devices will provide new attack surfaces that cybercriminals will look to exploit. The Apple iPhone 6, with its near field communication (NFC) chip and integrated digital wallet, will legitimise the use of NFC to make digital payments and other mobile device vendors will follow suit, allowing uders to begin transacting business in a meaningful way using these technologies. In 2015, NFC digital payment technology will become an entirely new attack surface to exploit, unless user education can successfully guide users in taking control of NFC features on their mobile devices.


McAfee Labs November 2014 Threats Report

Also released, the McAfee Labs November 2014 threats Report has analysed threat activity in the third quarter of 2014. The report details a period filled with threat development milestones and cyber events exploiting long-established Internet trust standards.

During the quarter, McAfee Labs detected more than 307 new threats every minute, or more than five every second, with mobile malware samples growing by 16 percent during the quarter, and overall malware surging by 76 percent year over year. The researchers also identified new attempts to take advantage of Internet trust models, including secure socket layer (SSL) vulnerabilities such as Heartbleed and BERserk, and the continued abuse of digital signatures to disguise malware as legitimate code.

McAfee Labs forecasts a 2015 threat landscape shaped by more attacks exploiting these standards, new attack surfaces in mobile and Internet of Things (IoT), and increasingly sophisticated cyber espionage  capabilities, including techniques capable of evading sandboxing detection technologies.