"We've seen significant advancements in device and social-network adoption, placing a bullseye on the platforms and services users are embracing the most," said Vincent Weafer, senior vice president of McAfee Labs. "These platforms and services have become very popular in a short amount of time, and we're already seeing a significant increase in vulnerabilities, attacks and data loss."
Social-media threats are nothing new, but expect to see more of them next year. McAfee Labs expects social-media services that use URL shortening will be under attack because its easier for cybercriminals to mask the full URL and direct users to malicious web sites.
Then there's geolocation services like Foursquare, Gowalla and Facebook Places. In just a few clicks, cybercriminals can see in real time who is tweeting, where they are located, what they are saying, what their interests are, and what operating systems and applications they are using. That opens the door to targeted attacks.
On the mobile front, McAfee predicts the widespread adoption of mobile devices in business environments, combined with a historically fragile cellular infrastructure and slow strides toward encryption, will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.
Apple No Longer Immune
Historically, the Mac OS platform has remained relatively unscathed by malicious attackers, but McAfee Labs warns that Mac-targeted malware will continue to increase in sophistication in 2011. The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence.
"The reason Apple represents a top security threat is because iPhones are coming into the enterprise and they don't fall within the security-management infrastructure that's in place," said Rob Enderle, principal analyst at the Enderle Group. "So you don't know who is using the phone, you don't know what's on the phone, and it's much harder for you to contain any threats the phone represents."
Threats and More Threats
Rounding out the threat report, new Internet TV platforms, such as Google TV, are also going to be under attack, McAfee reports, and your next computer virus could come from a friend. Malicious content disguised as personal or legitimate e-mails and files to trick unsuspecting victims will increase in sophistication in 2011.
McAfee Labs predicts that the recent merger of Zeus with SpyEye will produce more sophisticated bots due to improvements in bypassing security mechanisms and law-enforcement monitoring. And McAfee believes hacktivism will become the new way to demonstrate political positions in 2011 and beyond.
Finally, McAfee Labs warns that companies of all sizes that have any involvement in national security or major global economic activities should expect to come under pervasive and continuous Advanced Persistent Threat attacks that go after e-mail archives, document stores, intellectual-property repositories, and other databases.