By Stevie Smith Nov 19, 2007, 13:34 GMT
2007 and its host of malicious online exploits, viruses, and vulnerabilities are finally coming to end – so what better time is there to prepare for 2008’s upcoming attacks, courtesy of McAfee. More pointedly, renowned Internet security expert McAfee Inc. has this week offered its best-guess predictions for the top-ten security threats that are likely to rear their ugly heads from the New Year onwards.
Online security expert McAfee Inc. reveals its top-ten predictions for the upcoming cyber attacks in 2008. Credit: McAfee.
According to researchers at McAfee’s Avert Labs, 2008 is expected to usher in an increase in a variety of Web dangers, along with threats specifically targeting Microsoft’s latest operating system Windows Vista. On the positive side, the spread of adware is expected to continue in its downward trend.
"Threats are increasingly moving to the Web and migrating to newer technologies such as VoIP and instant messaging," explained Jeff Green, senior VP of McAfee Avert Labs and product development. "Professional and organized criminals continue to drive a lot of the malicious activity. As they become increasingly sophisticated, it is more important than ever to be aware and secure when traversing the Web."
The top-ten online security threats for 2008, if McAfee’s predictions prove to be sound, will arrive as the following:
Bull's Eye on Web 2.0: This attack compromises and adds data-mining malware to online sites including SalesForce.com, Monster.com, and social networking service MySpace (among others) to gather personal information shared by Net users. McAfee expects this type of attack to increase greatly throughout 2008.
Botnets follow the Storm: Following the release and ‘success’ of the Storm Worm, which provides cyber crooks with complete remote control of the unwitting host PC and creates a network of bot PC systems, McAfee expects other attackers to recreate Storm’s effects in a variety of other worm-based infections.
VoIP attacks to rise 50 percent: With VoIP attacks having already doubled against the figures from 2006, McAfee expects VoIP-related threats to increase by a further 50 percent. "It is clear that VoIP threats have arrived and there’s no sign of a slow down," warns McAfee. "The technology is still new and defense strategies are lagging."
IM = Instant Malware: McAfee shows its concern for the arrival of a "flash" worm dispatched to "reach millions" in a matter of seconds via instant messaging applications as IM vulnerabilities have doubled in 2007 when compared to 2006 – including 10 high-severity risks.
Target: Online Gaming: McAfee outlines that Trojans targeting online gamers grew faster in 2007 than the number targeting banking establishments, while also pointing out the threat to virtual economies is surpassing the threat to the real-world economies.
Vista joins the party: With Windows Vista set to gain market share and cross the 10 percent marker, along with the long-awaited arrival of the SP1 pack, attackers and malware authors are expected to concentrate efforts on circumventing the new operating system’s defences.
Adware continues its decline: With gathering lawsuits, enhanced defences, and general negativity already associated with adware, the decline of this particular form of threat is expected to continue throughout 2008.
Phishers catch a wider net: McAfee predicts that cyber crooks will begin targeting smaller, less-popular Web sites with their data-stealing phishing scams during 2008 following increased security and quicker response times being established by more prominent Web destinations.
Parasitic crimeware takes root: "Parasitic infectors are viruses that modify existing files on a disk, injecting code into the file where it resides," outlines McAfee. "While crimeware was storming ahead in recent years, parasitic malware faded to the background. In 2007 several crimeware authors turned old school to deliver threats like Grum, Virut, and Almanahe; parasitic viruses with a monetary mission. The number of variants of an older parasitic threat, Philis, grew by more than 400 percent, while over 400 variants of a newcomer, Fujacks, were catalogued." McAfee expects a continued interest in parasitics from the crimeware community, with overall parasitic malware expected to grow by 20 percent during 2008.
Virtualisation transforms information security: Although security vendors (such as McAfee) will utilise virtualisation technology to create more resilient defences to foil today’s complex threats, it is believed that researchers, professional hackers, and malware authors will seek out new ways to beat this latest technology "continuing the classic game of cat and mouse."
For more information on particular threats likely to appear during 2008, or to learn more about cutting-edge security research and opinions, visit the McAfee Avert Labs Security Blog at: http://www.avertlabs.com/research/blog/.
Your Talkback on this Story