MADISON, Wis. (1/10/12)--While credit unions gear up for what may be radical growth in mobile banking, they also must keep in mind that mobile security is the No. 1 security issue in the list of top 10 computer security threats for 2012, according to McAfee Labs.
Cyber criminals are hacking into all sorts of devices, breaking into to everything from cell phones to car systems, and security threats are escalating and becoming more malicious, said Adam Wosotowsky, senior anti-spam analyst with McAfee (The Motley Fool
The No. 1 security threat is mobile threats that bypass personal computers, said McAfee. Attackers will launch mobile banking attacks, and consumers may start to see Trojan banking attacks such as SpyEye and Zeus spread to the smartphone. McAfee suggests consumers treat treat their smartphone like a computer. That means:
- Don't click on unsolicited links or download software from sources whose origin aren't clear.
- Use only apps from the credit union or bank, not third-party apps.
- Don't mix money, work and fun. Smartphones shouldn't be used for both visiting financial sites and visiting sites to download games. Often sites offering free games or porn contain viruses that harvest personal or financial information from a smartphone.
The other nine security threats looming in 2012 include:
- Embedded hardware. Digital cameras, medical devices, cars, and other items use embedded systems to control specific functions. An attacker can hijack control over the hardware to gain information. An example: A hardware hijacker can ask a car's GPS system where the victim lives.
- Threats to virtual currency. Hackers will increasingly target the growing use of cyber currency, which often isn't encrypted, as a means to steal money and install malware.
- Alternative entry points by hackers. Advances in operating systems that direct them elsewhere will force hackers to find other entry points into a consumer's computer.
- Blinking online traffic lights. Legislative issues may stall efforts to develop Internet traffic "rules of the road" that could aid in reducing instances where hackers steer unsuspecting users to another server.
- Rogue certificates. Expect an increase in fake digitally signed certificates, which are used to assure consumers and their security software that the website they are viewing is legitimate.
- Cyberwar showoffs. Countries are expected to demonstrate their cyber-war abilities to send a message that their infrastructures such as utilities are not vulnerable to cyber attacks.
- Hacktivism. Online activists will join forces with physical demonstrators to target public figures, industry leaders and other entities. Already, certain hacker groups have raided accounts at certain institutions in an effort to "steal from the rich and give it to the poor."
- Legalized spam. Legitimate advertisers are purchasing e-mail lists of consumers who have authorized receipt of online ads. This move comes as global spam volume has decreased the past two years.
- Increased industrial attacks. Many industrial systems are not prepared for cyber attacks. Attackers may engage in blackmail or extortion.