Hackers' 2007 Targets: Video-Sharing, Mobile Devices
Dec 3, 2006 4:00 AM PT
Downloading movies from the Internet may be easier than ever to do, but it isn't necessarily advisable, according to McAfee, which sees trouble ahead with this technology and Internet security.
It cites the growing number of video-sharing sites on the Web as a prime target for hackers next year.
To be sure, video-sharing is not the only emerging area of risk on the security vendor's list -- McAfee names 10 threats in all -- but it is emblematic of a larger problem, according to BigFix CTO Amrit Williams, a former Gartner analyst.
"McAfee is correct at pointing out video -- but the real problem is that every time new technology is introduced, security always lags," he tells TechNewsWorld.
The risks grow even greater as these technologies and mediums converge -- such as video-sharing over mobile devices. There have been warning signs for at least a few years that mobile viruses are likely to become more prevalent. That has not happened yet, Williams notes, largely because there is no one standardized platform for mobile operations. That is changing though, he says.
VoIP (Voice over Internet Protocol) is another example of the security risks converging technology may pose, he says. "Right now, voice is the most reliable medium of communication for companies. Moving it onto the Internet, though, means the potential of denial of service increases."
VoIP, though -- at least in corporate settings -- generally has some type of security apparatus to support it. Video, by contrast, is very much a consumer application, and it appears that hackers are already eyeing the medium.
This month, the Realor worm was released -- the first to target a video file format by embedding malicious content within the file -- in this case, a link to a Web site containing an exploit, says Dmitri Alperovitch, principal research scientist for Secure Computing.
The problem, he says, is not the video content itself, but the file format that is used for transmission of this content, as well as video player applications that allow for storage of more data.
"While the Realor worm was not a widespread threat, this type of malware that is distributed via files that have typically been associated with data -- and not executable content such multimedia files, graphics and office productivity files -- is becoming more prevalent," he tells TechNewsWorld, "and threats from it will continue to rise in 2007."
"As the line between data and code continues to blur, people need to be ever more vigilant about any type of file that they receive from sources they don't completely trust," Alperovitch concludes.
Besides the rising risk of video-sharing on the Internet, McAfee identified nine other risks to watch in 2007:
- The number of password-stealing Web sites will increase, using fake sign-in pages for popular online services such as eBay;
- The volume of spam, particularly bandwidth-eating image spam, will continue to increase;
- Mobile phone attacks will become more prevalent as mobile devices become "smarter" and more connected;
- Adware will go mainstream following the increase in commercial Potentially Unwanted Programs (PUPs);
- Identity theft and data loss will continue to be a public issue;
- The use of bots -- computer programs that perform automated tasks -- will increase as a tool favored by hackers;
- Parasitic malware, or viruses that modify existing files on a disk, will make a comeback;
- The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well; and
- Vulnerabilities will continue to cause concern fueled by the underground market for them.
The applications we haven't thought of yet are what worry Williams the most, especially now that technology governs the minutiae of our everyday lives.
"Yes, one day will be able to sit on the sofa watching TV and control the toaster via our laptop. If security continues to lag new technology all that means is that some hacker in East Europe will be able to burn the toast."