User-Agent: *
Allow: /

Custom Search

Kamis, 08 Januari 2009

Top 10 security predictions for 2009 Part. 1

What will next year hold in the ever-changing world of IT security?

By Asavin Wattanajantra, 6 Jan 2009 at 18:05

New tech means new ways for criminals to attack systems. Next year will see hackers get smart about cloud computing, social networking and more. Here's our top ten threats to keep an eye on...

Malware 2.0

Malware will increasingly target Web 2.0 as well as cloud services. New cloud-based services - such as Amazon Web Services and Microsoft Azure - are vulnerable new targets for cybercriminals or spammers.



The cloud could be used simply to send spam, but it also could launch sophisticated attacks such as hosting malicious code for downloads.

Web 2.0 has also created an environment where malware can change depending on an event or a situation. Separate harmless bits of malware can be constructed to combine and maliciously attack.

A good example of this is with mash-ups, where data from many websites can be reconstructed to create something malicious.

Malware-as-a-service becomes more common, which will allow automated malware to be bought and sold to order. This will be a big problem, as it lowers the technical level needed for criminals to become online fraudsters.

An explosion in new malware variants and web threats

Anti-virus vendor Symantec claims that new strains of malware consisting of millions of distinct threats can propagate as a single, core piece of malware. This will create a number of unique malware instances.

Indeed, research has shown we have now reached an inflection point where we are now more malicious programs than legitimate ones. Businesses and vendors need to move away from signatures and concentrate on detection methods, such as the reputation-based approach.

As web services keep increasing, and as browsers start to move towards a uniform standard for scripting language, expect new web-based threats.

Social networking spam

As the year went on, criminals were gradually moving from email-based spam to different techniques. One of these was social networking spam, where websites such as Facebook and MySpace were targeted.

Personal information is gold to the bad guys, and they will learn better tricks to persuade users to give away their details and find ways to access private accounts.

The rise in popularity of social networking sites that allow user-generated content will be a problem. Web spam will increase as will malicious posting into user-forums and blogs.

Security firm Websense claims that new web attack toolkits have emerged that allows attackers to discover posts and/or have vulnerabilities. Bots may also add more HTTP post functionality among their many capabilities.

source : www.itpro.co.uk

0 komentar: