McAfee Security Report Suggests 2014 Will Be a Rough Year
Smartphones, social networks, PCs, servers, cloud services, governments and national infrastructure all face security risks in 2014, according to the latest McAfee security report. On, and virtual currencies are being used to fund serious crimes. So, who wants a new career?
Fri, January 10, 2014
CIO — McAfee's comprehensive 2014 security report, released at the end of December, goes beyond rehashing the same set of threats in ever-increasing volume to instead reflect the impact of digital currencies, NSA leaks and social media. Going through the report, one thing becomes eminently clear: We are in no way prepared for what's coming in 2014.
I'll cover the report's main elements, but I suggest you read it thoroughly yourself — perhaps after a couple glasses of good brandy.
Expect a Mobile Malware Tsunami
At a McAfee event in 2012, I watched then-CTO Mike Fey demonstrate how to take over an iPhone or Android phone. He actually caused the Android phone to self-destruct by overclocking it to fail remotely.
This was unprecedented. Since then, mobile devices have become even bigger targets. While security has increased from source vendors, it hasn't kept up and, in fact, is falling further and further behind, according to McAfee. The report concludes that attacks will increase sharply in 2014 — particularly those designed to expropriate data without being detected. Such attacks grew a whopping 33 percent in 2013, while PC attacks were flat, showing that malware creators have largely shifted to more-vulnerable mobile operating systems.
Virtual Currencies Will Fuel New Crimes
While the section of the report on virtual currencies focuses on ransomware, there are broader implications to this trend. Virtual currencies are believed to be untraceable — which in theory makes them ideal for funding criminal activities, including blackmail, kidnapping and even assassinations — (though that was recently proven untrue).
According to McAfee's report, we can expect an increase in ransomware, which disables PCs and servers and can be removed only by paying a ransom. The same is true for similar crimes that McAfee doesn't track. Crimes that require a payoff currency source that can't be traced will rise. If you use a digital currency, it may only be a matter of time before law enforcement simply assumes that you're a crook.
Attackers Include U.S. Government, Organized Crime
While the report doesn't focus specifically on the NSA disclosures, it does indicate that governments, including our own, are doing incredibly invasive things that are virtually impossible to detect. Some attacks compromise legitimate applications, making them behave like malware; others go well beyond PCs and smartphones, with targets such as industrial control systems or other systems tied to keeping national infrastructure operating. Both private and public systems are in their crosshairs.