Security Trends of 2008 and Predictions for 2009
by Zulfikar Ramzan - Ph.D., architect and technical director, Symantec - Wednesday, 24 December 2008.
Economic Crisis

As we have learned, current events are utilized as headliners to bait victims. In 2009, it is easily predicted that the economic crisis will be the basis of new attacks. We expect to see an increase in emails promising easy-to-get mortgages or work opportunities. Unfortunately, the people already being hit hard by the economy who have lost jobs and who have had homes foreclosed will also become the primary prey of scams.

Advanced Web Threats

The number of available Web services is increasing and browsers are continuing to converge on a uniform interpretation standard for scripting languages. Consequently, we expect the number of new Web-based threats to increase. User-created content can host a number of online threats from browser exploits, distribution of malware/spyware and links to malicious websites. The widespread use of mobile phones with access to the Web will make Web-based threats more lucrative. We have already seen attacks disguised as free application downloads and games targeting Smartphones. We expect to see more truly malicious mobile attacks in 2009.

Social Networks

Social networks will enable highly targeted and personalized spam by phishing for username accounts and/or using social context as a way to increase the “success rate” of an online attack. In 2009, we expect an upgrade in spam to the use of proper names, sophisticatedly segmented according to demographic or market. The upgraded spam will resemble legitimate messages and special offers created from personal information pulled from social networks and may even appear to come from a social networking “friend.” Once a person is hit, the threat can easily be spread through their social network. Enterprise IT organizations need to be on the alert for these types of attacks because today’s workforce often accesses these tools using corporate resources. The battle against Internet security threats will continue to rage on and tactics on both sides will become more sophisticated over time. Although no one can be certain of what the future holds, we can look back and learn from our past to identify trends that can help make educated predictions for where future attacks may be heading.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th