Monday, December 7, 2009

Eight Web Threat Predictions for 2010



As stated earlier, Smartphones are predicted to be the next playground for hackers.  Here's the rest of that list and a press release from  Websense:



Websense, Inc. (NASDAQ: WBSN), released its list of security predictions and trends anticipated for 2010. Researchers in the Websense® Security Labs™ have identified emerging security exploits and trends anticipated to increase during the next 12 months. The emerging trends and predictions show an overall blending of security threats across multiple attack vectors for the purpose of roping computers into bot networks and stealing valuable confidential information. Researchers believe that hackers will look to compromise new platforms such as smartphones and take advantage of the popularity of Windows 7. They are also expected to compromise the integrity of search engine results and use legitimate advertisements to spread their malicious content.



“Threats on the Web continue to parallel Internet users’ Web use patterns,” said Dan Hubbard, chief technology officer, Websense. “As audiences are moving quickly into the social Web, so are attacks. Additionally, as emerging operating systems and platforms like Macs and mobile devices become more popular, they are more targeted. At the same time, malicious attackers are increasing the number of traditional attacks on PCs, with quickly changing tactics and new twists on old exploits.”



In 2010, Websense Security Labs anticipates the emergence and growth of the following trends:





1. Web 2.0 attacks will increase in sophistication and prevalence.



2. Botnet gangs will fight turf wars.



3. Email gains traction again as a top vector for malicious attacks.



4. Targeted attacks on Microsoft properties, including Windows 7 and Internet Explorer 8.



5. Don’t trust your search results.





6. Smartphones are hackers’ next playground.




At the end of 2009 Websense Security Labs documented four iPhone exploits in a span of a few weeks—representing the first major attacks on the iPhone platform and the first iPhone data-stealing malware with bot functionality. Smartphones such as the iPhone and Android, which are used increasingly for business purposes, are essentially miniature personal computers and in 2010 will face the same types of attacks that target traditional computing. Additionally, poor security of applications on smartphones can put users’ and organizations’ data at risk. With a rapidly growing user base, business adoption and increasing use for conducting financial transactions with these devices, hackers will begin more dedicated targeting of smartphones in 2010.



7. Why corrupt a banner ad serve, when you can buy malvertising space?



8. 2010 will prove once and for all that Macs are not immune to exploits.


Hackers have noticed Apple’s rapid growth in market share in both the consumer and corporate segments. There exists additional risk for Mac users because many assume Macs are immune to security threats and therefore employ less security measures and patches, so attackers have additional incentive to go after the OS X platform. During 2009, Apple released six large security updates for Macs showing the potential for attacks. In 2010, there will be even more security updates as hackers ramp up attacks targeting the platform. There is also the potential for the first drive-by malware created to target Apple’s Safari browser.

Disqus for ePayment News