Latest news
Security trends coming in 2010
Posted on 04 December 2009.
Websense released its list of security predictions and trends anticipated for 2010. The emerging trends and predictions show an overall blending of security threats across multiple attack vectors for the purpose of roping computers into bot networks and stealing valuable confidential information.
In 2010, we can expect the emergence and growth of the following trends:
1. Web 2.0 attacks will increase in sophistication and prevalence
In the coming year, we can expect a greater volume of spam and attacks on the social Web and real-time search engines such as Topsy.com, Google and Bing.com. In 2009, researchers have seen increased malicious use of social networks and collaboration tools such as Facebook, Twitter, MySpace and Google Wave to spread attackers’ wares. Spammers’ and hackers’ use of Web 2.0 sites have been successful because of the high level of trust users place in the platforms and the other users.
2. Botnet gangs will fight turf wars
In the past year, there's been an increase in botnet groups following each other and using similar spam/Web campaigns tactics such as fake DHL and USPS notifications and other copy-cat behavior. We expect this to continue in 2010. In addition, we anticipate more aggressive behavior between different botnet groups including bots with the ability to detect and actively uninstall competitor bots.
3. Email gains traction again as a top vector for malicious attacks
In 2010, email used as a vector for spreading malicious attacks will evolve in sophistication. Attackers are more often using timely topics to lure recipients to open mail, attachments and click on malicious links. Not only are more emails containing malicious attachments, researchers also have seen increased sophistication of blended attacks that are difficult to close down. During 2010, this trend will continue and we will see more emails containing a malicious data stealing attachments and malicious URLs.
4. Targeted attacks on Microsoft properties, including Windows 7 and IE 8
We will see more malicious attacks targeting the Windows 7 with specific tricks to bypass User Access Control warnings, and greater exploitation of Internet Explorer 8. While Windows 7 tries to reduce the pop-ups by allowing four levels of User Access Control, security challenges to the interface and the operating system still exist. In fact, during a Patch Tuesday cycle in October 2009, five updates were for Windows 7 – even before it was released to the general public.
5. Don’t trust your search results
In the last year, attackers have used Blackhat SEO attacks to poison search results on everything from MTV VMA awards and Google Wave invites, to iPhone SMS features and Labor Day sales. SEO poisoning attacks are successful because as soon as a malicious campaign is recognized and removed from search results, the attackers simply redirect their botnets to a new, timely search term. These ongoing campaigns are likely to gain steam in 2010 and may cause a trust issue in search results among consumers, unless the search providers change the way they document and present links.
6. Smartphones are hackers’ next playground
At the end of 2009 there were four iPhone exploits in a span of a few weeks—representing the first major attacks on the iPhone platform and the first iPhone data-stealing malware with bot functionality. With a rapidly growing user base, business adoption and increasing use for conducting financial transactions with these devices, attackers will begin more dedicated targeting of smartphones in 2010.
7. Why corrupt a banner ad serve, when you can buy malvertising space?
In a high-profile incident in 2009, visitors to the New York Times Web site saw a pop-up box warning them of a virus that directed them to an offer for antivirus software, which was actually rogue AV. This attack was served up through an advertisement purchased by someone posing as a national advertiser. The successful attack was a worthwhile investment for the criminals and so in 2010 more malicious ads will be legitimately purchased by the bad guys.
8. 2010 will prove Macs are not immune to exploits
Macs are immune to security threats and therefore employ less security measures and patches, so attackers have additional incentive to go after the OS X platform. During 2009, Apple released six large security updates for Macs showing the potential for attacks. In 2010, there will be even more security updates as hackers ramp up attacks targeting the platform. There is also the potential for the first drive-by malware created to target Apple’s Safari browser.
The dynamic nature of Web 2.0 attacks, the use of email to drive users to malicious Web sites, and tactics like SEO poisoning and rogue AV all demonstrate the need for organizations to have a unified content security platform that protects against blended Web, email and data security threats.
In 2010, we can expect the emergence and growth of the following trends:
1. Web 2.0 attacks will increase in sophistication and prevalence
In the coming year, we can expect a greater volume of spam and attacks on the social Web and real-time search engines such as Topsy.com, Google and Bing.com. In 2009, researchers have seen increased malicious use of social networks and collaboration tools such as Facebook, Twitter, MySpace and Google Wave to spread attackers’ wares. Spammers’ and hackers’ use of Web 2.0 sites have been successful because of the high level of trust users place in the platforms and the other users.
2. Botnet gangs will fight turf wars
In the past year, there's been an increase in botnet groups following each other and using similar spam/Web campaigns tactics such as fake DHL and USPS notifications and other copy-cat behavior. We expect this to continue in 2010. In addition, we anticipate more aggressive behavior between different botnet groups including bots with the ability to detect and actively uninstall competitor bots.
3. Email gains traction again as a top vector for malicious attacks
In 2010, email used as a vector for spreading malicious attacks will evolve in sophistication. Attackers are more often using timely topics to lure recipients to open mail, attachments and click on malicious links. Not only are more emails containing malicious attachments, researchers also have seen increased sophistication of blended attacks that are difficult to close down. During 2010, this trend will continue and we will see more emails containing a malicious data stealing attachments and malicious URLs.
4. Targeted attacks on Microsoft properties, including Windows 7 and IE 8
We will see more malicious attacks targeting the Windows 7 with specific tricks to bypass User Access Control warnings, and greater exploitation of Internet Explorer 8. While Windows 7 tries to reduce the pop-ups by allowing four levels of User Access Control, security challenges to the interface and the operating system still exist. In fact, during a Patch Tuesday cycle in October 2009, five updates were for Windows 7 – even before it was released to the general public.
5. Don’t trust your search results
In the last year, attackers have used Blackhat SEO attacks to poison search results on everything from MTV VMA awards and Google Wave invites, to iPhone SMS features and Labor Day sales. SEO poisoning attacks are successful because as soon as a malicious campaign is recognized and removed from search results, the attackers simply redirect their botnets to a new, timely search term. These ongoing campaigns are likely to gain steam in 2010 and may cause a trust issue in search results among consumers, unless the search providers change the way they document and present links.
6. Smartphones are hackers’ next playground
At the end of 2009 there were four iPhone exploits in a span of a few weeks—representing the first major attacks on the iPhone platform and the first iPhone data-stealing malware with bot functionality. With a rapidly growing user base, business adoption and increasing use for conducting financial transactions with these devices, attackers will begin more dedicated targeting of smartphones in 2010.
7. Why corrupt a banner ad serve, when you can buy malvertising space?
In a high-profile incident in 2009, visitors to the New York Times Web site saw a pop-up box warning them of a virus that directed them to an offer for antivirus software, which was actually rogue AV. This attack was served up through an advertisement purchased by someone posing as a national advertiser. The successful attack was a worthwhile investment for the criminals and so in 2010 more malicious ads will be legitimately purchased by the bad guys.
8. 2010 will prove Macs are not immune to exploits
Macs are immune to security threats and therefore employ less security measures and patches, so attackers have additional incentive to go after the OS X platform. During 2009, Apple released six large security updates for Macs showing the potential for attacks. In 2010, there will be even more security updates as hackers ramp up attacks targeting the platform. There is also the potential for the first drive-by malware created to target Apple’s Safari browser.
The dynamic nature of Web 2.0 attacks, the use of email to drive users to malicious Web sites, and tactics like SEO poisoning and rogue AV all demonstrate the need for organizations to have a unified content security platform that protects against blended Web, email and data security threats.
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
