Cyberthreat Forecasts for 2010: More Complex with New Targets
Russian security experts Kaspersky ventures a forecast for malware development in 2010 and sees new types of attacks coming our way.
Cyberterrorists will be seeking filesharing opportunities in the coming year, such as peer-to-peer networks, for victimization, according to Kaspersky Lab. First indications have already emerged during 2009: working over Torrent portals, malware such as TDSS and Virut, and in its premiere, the first backdoor Trojan horse for Mac OS X, have already wreaked havoc.
Meanwhile criminals known as botnet providers are busily competing over turf. The Kaspersky report indicates, "Cybercriminals will continue to compete for traffic. The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets."
If the forecasts materialize, the contrary trend has nevertheless been that the number of fake antivirus programs foisted on users are falling off. In 2009 the phenomenon reached its highpoint with the Kido/Conficker worm, where its huge installation base saturated the market, while causing a shakeup of security providers with law enforcement authorities. The trick to the rogue antivirus programs was in their "discovery" of an alleged vulnerability on the PC, thereby eliciting user panic and recourse to an anti-malware program for a price that proceeded to install just more malware and reduce the computer to a bot.
What should be expected alongside are more complex malware and sophisticated rootkit technologies, says Alex Gostev, director of Kaspersky Lab's Global Research & Analysis Team.
Much of the upcoming focus for budding cybercriminals might end up being Google's Wave web service. Kaspersky sees atacks on the Google service in the usual three phases: sending spams, starting phishing attacks and spreading malware by exploiting vulnerabilities. However, the equally new Chrome web service is not expected to attract much attention among cybercriminals, at least not in the near term.
2010 might be a different story for the iPhone and Android mobile phones. The first malware for these devices appearing in 2009 supports the fact that these mobile systems are certainly in the malware industry cross hairs, predicts Kaspersky. One definite point of entry is unsecured third party software. The strategy supports Kasperky's credo that cybercriminals are professionals undertaking their own form of market analysis: Android devices are gaining popularity in China. Further Kaspersky analyses are available on its website.
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.