McAfee warns of the dangers of the “dark web”

Security McAfee Labs (soon to be known as Intel Security) is highlighting the role of the “dark web” malware industry as driving many of the high-profile point-of-sale attacks and data breaches the industry saw in the fall of 2013.

The vendor recently released its McAfee Labs Threats Report: Fourth Quarter 2013, and its centred around how it’s being easier and easier for cybercriminals to  purchase POS malware and sell stolen credit card numbers and personal information online. McAfee also saw the number of digitally signed malware samples triple over the course of 2013, driven primarily by new attack vectors around wrapping malicious binaries within digitally signed, otherwise legitimate installers.

“The fourth quarter of 2013 will be remembered as the period when cybercrime became ‘real’ for more people than ever before,” said Vincent Weafer, senior vice-president for McAfee Labs, in a statement. “These cyber thefts occurred at a time when most people were focused on their holiday shopping and when the industry wanted people to feel secure and confident in their purchases. The impact of these attacks will be felt both at the kitchen table as well as the boardroom table. For security practitioners, the ‘off the shelf’ genesis of some of these crime campaigns , the scale of operations, and the ease of digitally monetizing stolen customer data all represent a coming of age for both Cybercrime-as-a-Service and the ‘dark web’ overall.”

McAfee is particularly worried about the growth in maliciously signed files, and warns it could bring the continued viability of the CA model for code signing into question.

“Although the expansion of the CA and CDN industries has dramatically lowered the cost of developing and issuing software for developers, the standards for qualifying the identity of the publisher have also decreased dramatically,” said Weafer. “We will need to learn to place more trust in the reputation of the vendor that signed the file, and less trust in the simple presence of a certificate.”

Other findings from McAfee for Q4 include mobile malware sample growth of 197 per cent, a doubling of ransomware samples, and 300 new malware samples every minute.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Jeff Jedras
Jeff Jedras
A veteran technology and business journalist, Jeff Jedras began his career in technology journalism in the late 1990s, covering the booming (and later busting) Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal, as well as everything from municipal politics to real estate. He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada. He would go on to cover the channel as an assistant editor with CDN. His writing has appeared in the Vancouver Sun, the Ottawa Citizen and a wide range of industry trade publications.

Related Tech News

CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.