Friday, December 08, 2006

Top Ten Threats For 2007 - From McAfee

It's near the end of 2006, so lists will be a big part of the stories you read on virtually any topic from now through the New Year. McAfee has a list for the security-conscious. The list covers what their Avert Labs data indicated will be the top 10 security threats next year, presented in no particular order: \

1. The number of password-stealing Web sites will increase using fake sign-in pages for popular online services such as eBay
2. The volume of spam, particularly bandwidth-eating image spam, will continue to increase
3. The popularity of video sharing on the Web makes it inevitable that hackers will target MPEG files as a means to distribute malicious code
4. Mobile phone attacks will become more prevalent as mobile devices become "smarter" and more connected
5. Adware will go mainstream following the increase in commercial Potentially Unwanted Programs (PUPs)
6. Identity theft and data loss will continue to be a public issue - at the root of these crimes is often computer theft, loss of back-ups and compromised information systems
7. The use of bots, computer programs that perform automated tasks, will increase as a tool favored by hackers
8. Parasitic malware, or viruses that modify existing files on a disk, will make a comeback
9. The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well
10. Vulnerabilities will continue to cause concern fueled by the underground market for vulnerabilities

The greater concern that should make these threats more of a priority for law enforcement around the globe is how so many of them will be perpetrated by criminals. With potential profits available through exploiting technology and the people who use it, the more organized and sophisticated criminal groups will continue to seek ways to garner those gains. McAfee said its researchers have seen "evidence of the rise of professional and organized crime in malware creation.":

(D)evelopment teams are creating malicious software, testing it and automating its production and release. Sophisticated techniques such as polymorphism, the recurrence of parasitic infectors, rootkits, and automated systems with cycling encryption releasing new builds are becoming more prevalent. Furthermore, threats are being packed or encrypted to disguise their malicious purpose on a more rapid and complex scale.

Threats to videos and mobiles could be a combined problem. The popular video sharing site YouTube recently inked a deal with Verizon Wireless that will make videos available to V Cast subscribers. If video on mobile finally starts to gain a greater userbase, that will make it a target for attackers.

No comments: