McAfee: Virtualization, online games top security risks

The good news: there will be less adware to worry about

In its "Top Ten Security Predictions for 2008," McAfee foresees the growth of virtualization opening up a huge attack surface. On the good-news side, the security vendor expects there will be less adware on the Internet to worry about. McAfee's list comes in the wake of archrival Symantec this week predicting its top five security threats for next year. Craig Schmugar and Dave Marcus, researchers at McAfee's Avert Labs, shared this list:

Web 2.0 Web-based social-networking sites, hosted applications, wikis and the like are way ahead in function but behind in security, according to McAfee. Active sites will continue to be victims of crosssite scripting attacks and malware exploits.

Botnets These are going to be Artful Dodgers, following the style of the largest botnet around today, Storm, "which radically changes its methods over time," Schmugar says. "Storm is a trend-setter. A lot of the spam we see is coming across Storm-compromised machines, including PDF and image spam."

Instant messaging/instant malware On the horizon is a "self-executing IM worm," Schmugar predicts. "The ingredients are coming together, more critical vulnerabilities targeting IM clients." Count on it.

Online games Password-stealing Trojans have emerged as a new type of threat to millions of game players. "Virtual objects in games are worth money," Schmugar notes. "It's lower risk than targeting a bank."

Microsoft's Vista software Has it seemed fairly quiet on the security front since Microsoft shipped Vista last year? McAfee says that quiet period is coming to an end, now that the installed base is growing slowly to 10% of Windows users. That's the threshold at which a platform is targeted more aggressively, Marcus says.

Decline of adware "The government, such as the Federal Trade Commission, has been successful fighting against it," Marcus says. "Advertisers don't like the association with adware. Some of the programs we now see are considered Trojans."

Phishing Attackers are not going just after the larger targets, such as PayPal and eBay, and the big banks. Phishing is now ubiquitous, hitting MySpace users and any online Web site imaginable.

Parasitics Though not a wholly new category of malware, parasitics -- which look for a specific file on your system into which they embed themselves and then spread, rather than just make a copy of themselves -- are having a renaissance. "We've seen a 700% increase in parasitics [such as] Philis in 2007," Schmugar says. "Virut is active and Almanahe, which has a rootkit." To combat an infection by parasitics, "you have to isolate the parasitic code within the host code," he says. "If it overwrites the good code, you may never get it back. The parasitic outbreaks we've seen this year have been very distracting."

Virtualization To McAfee, the spread of virtualization into the enterprise widens the potential attack surface. "You're opening up the exposure plane," Marcus argues. According to McAfee, attackers can do everything they did before in a traditional computing environment and more.

VoIP As VoIP acceptance grows, there also will be growth in VoIP phishing attacks and hacking into networks to resell VoIP minutes. "It's to monetize the attack," Marcus says. "We've seen the first conviction in the courts for this. We'll see more."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World
Show Comments

Cool Tech

Bang and Olufsen Beosound Stage - Dolby Atmos Soundbar

Learn more >

Toys for Boys

Sony WF-1000XM3 Wireless Noise Cancelling Headphones

Learn more >

ASUS ROG, ACRONYM partner for Special Edition Zephyrus G14

Learn more >

Nakamichi Delta 100 3-Way Hi Fi Speaker System

Learn more >

Family Friendly

Mario Kart Live: Home Circuit for Nintendo Switch

Learn more >

Philips Sonicare Diamond Clean 9000 Toothbrush

Learn more >

Stocking Stuffer

SunnyBunny Snowflakes 20 LED Solar Powered Fairy String

Learn more >

Teac 7 inch Swivel Screen Portable DVD Player

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?