Printed from http://www.electronista.com

McAfee: Apple iPad, iPhone targets for cybercrime in 2011

updated 05:40 am EST, Wed December 29, 2010

Google TV and social media also prime targets

The McAfee Threat Predictions report has stated that Apple's platforms, particularly its mobile devices such as the iPhone and iPad will be increasingly targeted by cybercrime in 2011. The report noted a marked change in the threat landscape over the past year as mobile platforms have become more widely adopted in enterprise. It claims that where Apple has been relatively free of botnets and Trojans in the past, that these will become an increasingly common occurrence on its platforms next year.

It will not only be Apple's devices that will be targeted, but other mobile platforms too as this is not an area where threat prevention solutions have been instituted. This leaves most mobile devices "fertile ground" for cyber criminals seeking to exploit security vulnerabilities. Users face particular threats from apps from markets that are unsupervised, such as Google's Android Market, which will enable malicious applications to access user data.

New media such as the Google TV, and social websites such as Twitter and LinkedIn are also vulnerable. McAfee noted a move toward application-controlled botnets this year and expects this trend to continue, as social media app deployment becomes increasingly the norm. The report asks, "Will this be the year of mobile botnets controlled via a downloaded app?" [via L.A. Times]



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Wingsy

    Fresh-Faced Recruit

    Joined: Apr 2005

    +16

    Not AGAIN!

    Here we go again. McAfee is in need of funds, so hurry and buy their useless junk so they can eat steak.

  1. monkeymilk

    Fresh-Faced Recruit

    Joined: Apr 2007

    +12

    McAfee are pathetic fearmongers

    Why does Electronista repeat and publish this cr*p? So more city dwellers in the world means more cockroaches but that does not mean that the cockroach messiah is going to evolve and lead them to rise up and surplant mankind. I don't see publishers parroting such irrational and baseless warnings from Rentokil when they need to sell more fly killer

  1. nostrademas

    Fresh-Faced Recruit

    Joined: Feb 2006

    +9

    here we go again

    "It claims that where Apple has been relatively free of botnets and Trojans in the past, that these will become an increasingly common occurrence on its platforms next year". They say this every year and it just doesn't happen. And if it did, then the solution is more about educating users about basic security, regardless of what platform they are using, than about installing McAfee's POS applications.

    On mobile platforms specifically, it's just stating the obvious that there is increased opportunity for crackers based on the size of the installed base. That's no more intelligent than saying more houses in a town will increase the likelihood of burglaries or more cars on the road will increase the likelihood of accidents. If they're trying to insinuate that iOS, Android and others need bolt-on AV solutions ("this is not an area where threat prevention solutions have been instituted"), then I would disagree. What is actually needed is built-in security in the OS, adequate data access controls that are configurable by the user and enforced by the OS, and more informed users when it comes to selecting and using apps.

    There's nothing new here at all.

  1. qazwart

    Fresh-Faced Recruit

    Joined: Apr 2001

    +5

    Sooner or Later, They'll be right.

    Portable platforms will face increase vulnerabilities because:

    * They're so numerous, so if you can figure out how to break into one, you have hundreds of thousands of rich targets.

    * Many have been built with little security in mind. I'm not too sure how vulnerable the iPhone is, or Android, but there are dozens of devices coming out that were tossed out onto the market without the manufacturers being overly concerned about security.

    * People don't think of "security" when they use these devices. People know about viruses and are careful about email, watching their PCs for signs of trouble, etc. They don't think about doing the same on their phone, and will be more careless.

    Remember when "feature phones" first came out, a lot of security vulnerabilities were found. You could use the Java engine and the Bluetooth connectivity to take over the phone and get it to dial and transfer the call to your phone. That way, you could make a long distance call, but have someone else pay for it. Or, you could dial the phone while someone was in a meeting and turn on the speakerphone without the owner knowing about it.

    These exploits weren't common, and in fact may never have been down outside of hacker demos. However, that was mainly because there wasn't too much too much you could exploit. (Woo! Free phone calls!), and because there were so many different phones, you had to know the specific make and model to do the exploit.

    Things are different now. Our phones now can connect to our financial institutions. And, with the advent of two dominant operating systems, there are more targets if you can find an exploit.

    iOS may be harder to exploit. Unlike Android, you can't simply download any program and hope it runs, but Apple hasn't always been the most up and up about security. There have been plenty of times an OSX exploit was known, but Apple took months to fix it. I hope Apple takes security a bit more seriously with iOS and fixes exploits as they are discovered.

    There will still be zero day iOS exploits, but fortunately for Apple, iOS devices get updated when people sync to their PC which allows them to stay upgraded with the latest OS. And Apple builds the hardware and software, so they can update all devices including the original iPhone even though it can't run iOS 4.x. Also, the closed nature of the App Store makes it harder to download malicious apps.

    Android is more vulnerable. Much more vulnerable. OS updates are pushed by the vendors who have shown a readiness to abandon older models as soon as newer models come out. If a security lapse is found in Android 1.6, about 1/2 of the Android phones will be vulnerable, and no one will issue a patch for them.

    The Android marketplace is more open to malicious apps. Early on, several banking apps were discovered to be from unknown third parties who intercepted the data as it was transmitted. Google wants the Android Marketplace to remain very open, but they have to balance out the need for security while they're at it.

    The main exploits will be from browser vulnerabilities. Many setup boxes that can browse the web were not too carefully thought out security-wise. The main impetus was getting it out on the market. Android and iOS will have similar vulnerabilities and they'll have to be patched as discovered. Google can push out updates without having their phones sync which is an advantage over iOS, but with so many different versions of Android and so many custom versions based for each phone, keeping them updated will be trickier. As I stated earlier, about 1/2 of the Android phones currently are stuck at version 1.6 with no hopes of ever being updated.

    Then again, most exploits may simply be social exploits. Fake emails that people respond to. Getting people to give out their username and password or account information. Listening to unencrypted traffic over open WiFi hotspots, etc. These bypass the high security OS and get to the weakest link in the chain of security -- the end user.

  1. JeffHarris

    Fresh-Faced Recruit

    Joined: Oct 1999

    +8

    McAfee: Please Help Our Bottom Line!

    Yep, McAfee is at it again...
    Sitting on their virtual street corner, desperately trying to sell pencils from a rusty tin cup. There's a tattered sign hung around their neck reading:

    Please Mac Users, Justify My Existence

    IOS is OS X. Mac OS X: 10 years, ZERO viruses

    If ever their's a need for virus protection, I'll use it. Until then, McAfee, STFU and leave us alone.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

ActvContent Sync Smartband

Smartbands of all sorts are hitting the market. Some build on the buzz around fitness trackers, while others offer simpler features fo ...

RocketStor 6324L Thunderbolt 2 eSATA bridge

Like it or not, the shift to Thunderbolt is underway. The connection is extremely flexible, allowing for video and data to co-habitate ...

Patriot Stellar Boost XT 64GB USB 3.0 drive

A vast selection of USB memory sticks means that consumers can often find exactly the size drive they need in a configuration that can ...

Sponsor

toggle

Most Commented

 
toggle

Popular News