Welcome Guest | |
Follow Us:
    
Newsletter Signup:
Security vendors don prediction hats, flag threats for 2008
Web 2 By Anoop K Menon, NWC, January 01, 2008

Web 2.0 will up the security ante for enterprises in 2008. Immediately behind are spam, botnets, event-based attacks/fraud and attacks on the virtual world. The interconnectedness spawned by Web 2.0 additions like mash-ups, widgets and social networks on the Web is creating ‘weak links’ or compromised Web sites that could be exploited to target a larger number of Internet users, says Websense in its 2008 threat report. Social networking sites (like MySpace and Facebook) with large numbers of users are most vulnerable to such attacks. McAfee Avert Labs in its 2008 security report also warns of a large increase in use of Web 2.0 sites to distribute malware.
2008 does not promise relief from spam. According to Vishal Dhupar, MD, Symantec India, 2008 will see spammers using attachment types like MP3, flash and more appealing content (or pop culture spam) to evade traditional blocking systems and lure users into reading messages. Both Symantec and Websense predict more spam to be delivered via popular social networking sites. Websense reports that spammers have started posting URLs of malicious sites inside forums, blogs and even news sites (especially in their commentary or ‘talk-back’ sections) to boost their sites’ ranking in search engine results and attract more users to their sites.
With security measures failing to catch up with technological advances, voice-related cyber crime will have a free hand in 2008. Websense predicts that vishing (or the practice of using social engineering and Voice over IP) to gain personal and financial information, and voice spam, will combine and increase in 2008. In fact, with 2007 seeing more than double the number of VoIP security vulnerabilities vis-à-vis all of 2006, McAfee expects VoIP attacks to rise by 50 percent in 2008.
With spam evolving and transiting to 2008, can bots be far behind? An indication of how far the Bot menace has evolved is the ‘Storm’ worm, which created the largest peer-to-peer botnet ever. “We may see things like phishing sites hosted by bot zombies,” says Dhupar. 2008 could see a diversified bots invasion. Symantec’s report talks about the use of bots to artificially boost traffic to compromised Web sites through the hijack of browsers, enabling the perpetrator to generate fraudulent advertising revenue or serve malicious code which could then be used in subsequent fraudulent activities.
Attacks/frauds that exploit public interest in an event are expected to grow in 2008. Websense predicts that sites related to the 2008 Beijing Olympics could see large scale denial-of-service attacks or be compromised through malware to steal personal or confidential business information.
2008 will also see intensified efforts on the part of cybercriminals to target virtual worlds like Second Life and online gaming. As virtual objects continue to gain real value, criminals, phishers, spammers and others will look to capitalize on this. According to McAfee, the number of password-stealing trojans that targeted online games in 2007 grew faster than the number of trojans that targeted banks.



blog comments powered by Disqus
Featured Videos


 
    
 
Future Strategist Award
Who's next in line for the CIO position?
As a CIO you mentor someone in your organization for the future IT leadership role. InformationWeek would like to acknowledge and felicitate that special person at an awards ceremony at Interop
Top Stories
Interview
CIOs must leverage social media to increase their presence in the boardroom
Arun Sundararajan, NEC Faculty Fellow and Associate Professor at New York University’s Stern School of Business, discusses with InformationWeek the relevance of social media to the overall business, and how CIOs must handle social media
BankTech India - IT News for BFSI Segment
We're on Google+
InformationWeek India on Facebook