Security

Hackers’ 2007 Targets: Video-Sharing, Mobile Devices

Downloading movies from the Internet may be easierthan ever to do, but it isn’t necessarily advisable,according to McAfee, which sees trouble ahead with thistechnology and Internet security.

It cites the growingnumber of video-sharing sites on the Web as a primetarget for hackers next year.

To be sure, video-sharing is not the onlyemerging area of risk on the security vendor’s list — McAfee names 10 threatsin all — but it is emblematic of a larger problem,according to BigFix CTO Amrit Williams, a formerGartner analyst.

“McAfee is correct at pointing out video — but the realproblem is that every time new technology isintroduced, security always lags,” he tellsTechNewsWorld.

Converging Technologies

The risks grow even greater as these technologies andmediums converge — such as video-sharing over mobiledevices. There have been warning signs for at least a fewyears that mobile viruses are likely to become more prevalent.That has not happened yet, Williams notes, largelybecause there is no one standardized platform formobile operations. That is changing though, he says.

VoIP (Voice over Internet Protocol) is another example of the security risksconverging technology may pose, he says. “Right now,voice is the most reliable medium of communication forcompanies. Moving it onto the Internet, though, meansthe potential of denial of service increases.”

Video Allure

VoIP, though — at least in corporate settings — generally has sometype of security apparatus to support it.Video, by contrast, is very much a consumerapplication, and it appears that hackers are alreadyeyeing the medium.

This month, the Realor worm was released — the first totarget a video file format by embedding maliciouscontent within the file — in this case, a link to aWeb site containing an exploit, says DmitriAlperovitch, principal research scientist for SecureComputing.

The problem, he says, is not the video content itself,but the file format that is used for transmission ofthis content, as well as video player applications thatallow for storage of more data.

“While the Realor worm was not a widespread threat,this type of malware that is distributed via filesthat have typically been associated with data — and notexecutable content such multimedia files, graphicsand office productivity files — is becoming moreprevalent,” he tells TechNewsWorld, “and threats from it will continue to rise in2007.”

“As the line between data and code continues to blur,people need to be ever more vigilant about any type offile that they receive from sources they don’tcompletely trust,” Alperovitch concludes.

Top Ten

Besides the rising risk of video-sharing on theInternet, McAfee identified nine other risks to watchin 2007:

  • The number of password-stealing Web sites willincrease, using fake sign-in pages for popular onlineservices such as eBay;
  • The volume of spam, particularly bandwidth-eatingimage spam, will continue to increase;
  • Mobile phone attacks will become more prevalent asmobile devices become “smarter” and more connected;
  • Adware will go mainstream following the increase incommercial Potentially Unwanted Programs (PUPs);
  • Identity theft and data loss will continue to be apublic issue;
  • The use of bots — computer programs that performautomated tasks — will increase as a tool favored byhackers;
  • Parasitic malware, or viruses that modify existingfiles on a disk, will make a comeback;
  • The number of rootkits on 32-bit platforms willincrease, but protection and remediation capabilitieswill increase as well; and
  • Vulnerabilities will continue to cause concernfueled by the underground market for them.

The applications we haven’t thought of yet are what worry Williams the most, especially now that technology governs the minutiae of our everyday lives.

“Yes, one day will be able to sit on the sofa watchingTV and control the toaster via our laptop. If securitycontinues to lag new technology all that means is thatsome hacker in East Europe will be able to burn thetoast.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels