Lost Password? No account yet? Register
  • Increase font size
  • Decrease font size
  • Default font size

WWW.BS25999.COM

Sunday
Jul 06th
Home arrow Content arrow Risk and Security Management arrow Symantec Predicts Top Five Security Menaces for 2008
Symantec Predicts Top Five Security Menaces for 2008 PDF Print E-mail
If this year will be remembered for high-profile data breaches, with the TJX break-in topping a long list, then what troubles are in store for 2008? Predictions include more powerful hacker botnets that elude shutdown and growth in numbers of compromised Web sites that attack trusting, unsuspecting visitors Those are some of the picks from Symantec’s director of emerging technologies, Oliver Friedrichs. A rundown of his top five:

Web threats

In particular, trusted Web sites that are compromised, with attackers loading them up with malicious code to attack unsuspecting visitors. The year started with the hack of the Web sites of Dolphin Stadium and the Miami Dolphins right before the Super Bowl game, causing them to dispense attack code to visitors. Social-networking sites appear to be ripe for this approach. The recent hack of Alicia Keys’ Web site on MySpace is likely a harbinger of more to come.

Mobile threats

Particularly for new mobile platforms, such as the Google GPhone and Apple iPhone, where kits are available to software developers and applications in the future, could have holes to exploit. "Banks and online auctions are moving to mobile phones," says Friedrichs. Cybercriminals can only be expected to follow.

Virtual worlds

If attacks in the "real world" aren’t enough, get ready for attacks in "virtual worlds" where online players vie to win virtual battles and virtual stuff. Some of the big ones are Second Life, Lineage and World of Warcraft. "Attackers and criminals are looking at these platforms," Friedrichs points out. "There are already trojans that target Lineage players. They take over an account and steal anything they have, like their sword, their gold, and take these items and sell them somewhere." Virtual worlds have real crime.

Upcoming presidential election

The presidential candidates -- all 19 of them right now -- accept online donations and campaign online. During the presidential race in 2004, "we saw phishing against the Edwards campaign," Friedrichs points out. "And there was a denial-of-service attack against the Lieberman site." More possibilities this time around in the presidential race include a criminal or extremist supporter registering a "typo-domain" that mimics the Web site of a political opponent, and when contributions come in, they’re either pocketed or contributed to someone else’s campaign.

 

 

Bot evolution

"Today’s bots are fairly centralized with a command-and-control center," he says. "In the future, they’re going to be more peer-to-peer, and it will make bots more difficult to take down." Friedrichs says the Storm worm is the best example so far of a decentralized botnet. "It surfaced in January, and it’s still going strong.".

 

 

Comments (0)add
Write comment
smaller | bigger

security image
Write the displayed characters


busy
 
< Prev   Next >
[ Back ]