We’ve passed the 100-day landmark for World Cup 2010 and one thing is certain: we can expect threat levels to rise as the kick-off date comes ever closer. Below is a list of trends and thoughts that Symantec researchers have identified for this period.
Antivirus is Not Enough
With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realising that traditional approaches to antivirus, both file signatures and heuristic/behavioural capabilities, are not enough to protect against today’s threats.
We have reached an inflection point where new malicious programs are actually being created at a higher rate than good programs.
We have also reached a point where it no longer makes sense to focus solely on analysing malware. Instead, approaches to security that take all software files into account, such as reputation-based security, will become key in 2010.
Social Engineering as the Primary Attack Vector
More and more, attackers are going directly after end users and attempting to trick them into downloading malware or divulging sensitive information under the pretence that they are doing something perfectly innocent.
Social engineering’s popularity is at least in part spurred by the fact that which operating system and Web browser run on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine.
Social engineering is already one of the primary attack vectors being used today, and Symantec estimates that the number of attempted attacks using social engineering techniques is sure to increase in 2010.
Rogue Security Software Vendors Escalate Their Efforts
In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best.
For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings.
In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.
Social Networking Third-Party Applications Will be the Target of Fraud
With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud leveraged against site users grow as well.
In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.
Windows 7 Will Come into the Cross-Hairs of Attackers
Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist.
Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.