Rake Narang: What are your top security predictions for 2012?
Brendan Ziolo: As mobile malware continues to grow, Android malware will become more sophisticated, more dangerous and will begin to make money for the cybercrimnal as part of the underground economy. Rootkit technology will be used to conceal the malware and command and control (C&C) protocols will become more robust. This mobile malware will evolve so it can disable security features on the device and protect itself from removal.
We’ll quite likely see the first Android malware that can exploit vulnerabilities in a network app to allow phone-to-phone infections via the Internet connection on Android devices in 2012.
We’ll also see stealthier botnets next year too. This year, we saw the takedown of the largest botnet, DNSChanger, to date, but this was only the tip of the iceberg. In 2012, we will see more super-bots that spread silently using existing infection vectors, bury themselves using stealth rootkit techniques and make every effort to remain undetected.
Finally, we hope to see more coordinated efforts between the public sector, vendors and service providers to take action on the growing malware problem, especially botnets. We have already seen initiatives on several fronts, including DNSChanger. Other countries like Japan, Germany and Australia have put in place programs to combat botnets and the Department of Commerce and Department of Homeland Security issued an RFI in late 2011. The growing mobile malware threat will provide additional momentum to get all parties to do more to work together and prevent ongoing attacks.
Rake Narang: What would be your advice to evade home network infections?
Brendan Ziolo: There are several steps that consumers can take to prevent infections in their home networks:
- Inspect your system for threats – Many anti-virus vendors have free scanners available on their site, which you can download or run in your browser, to detect and remove many types of malware. Some of these online scanners include: Microsoft Malicious Software Removal, SUPERAntiSpyware Portable Scanner and others.
- Run a System Check - To see if your applications, plug-ins and operating system are up-to-date and any security holes are patched, run a System Check, such as Secunia Online Software Inspector, and follow the instructions.
- Update your antivirus software - Hackers often sneak past antivirus software because it simply hasn't been updated. To prevent these attacks, make sure your antivirus software is always up-to-date. In many cases, you can set your antivirus software to update automatically.
- Keep your firewall turned on - Firewall software is often already available on some operating systems or home routers. Turning on your firewall can prevent hackers from accessing your computer to steal passwords and other personal info.
- Protect your Wi-Fi network - Be sure to encrypt your Wi-Fi network with a strong password to prevent others from snooping or gaining access to your network. You will also want to change the default password on the wireless router.