Job losses will lead to more e-crime recruitment
E-crime recruitment, the browser as the new operating system and identity theft goes social are the three top web security trends, according to a new report.
The expansion of new cybercrime activity in 2009 will characterised by three distinct developments, according to a report released from the Attack Intelligence Research Centre operated by security vendor Aladdin.
It predicted that cybercrime recruitment would intensify to capitalise on an increasingly challenging job market, while exploits will focus on the blurring of the distinction between the browser and the desktop, and identity theft will go social.
Ian Amit, director of security research at Aladdin, said e-crime networks were starting to realise they needed more than technical competencies and skills to survive - and just at the time when a lot more “good guys” are finding themselves needing work.
“They need to find sophisticated ways to move money from one part of the world to another,” Amit told IT PRO adding that, in this respect, cybercriminals were beginning to operate more like traditional organised crime networks.
“The fact that the virus writers are at the bottom of the food chain and don’t see the compromised data legitimises their activities and they think that means they’re not necessarily doing anything wrong,” he added.
The report also predicted that hackers’ technical focus would shift from looking for vulnerabilities to exploit in operating systems (OS) to those components being developed to enable browsers to interact with desktops or other browsers.
“The advent of Google Gears and the likes of Adobe’s Air and Microsoft’s SilverLight means the focus will be specifically on similar components to allow interoperability between OS,” Amit said. “It’s really the tip of the iceberg.”
But he urged this not to stop companies trialling and adopting such new web technologies. “The point is not to provide a new patch to go over an old one, but to ensure vendors aware of the trend and continue in their efforts to adapt to it,” Amit said.
Finally, with more professionals and businesses using social networking websites and applications, the report predicted the soaring “value” of web identities would prove an attractive source of potential fraud to e-crime gangs.
The large amount of personal data publicly available through such sources online will enable a rise in the instances of web identity hijacking. Only last month, another vendor’s research claimed that Facebook profiles were for sale on the online black market for as little as 89 pence.
“On a personal level, people should be aware of who they are connecting with and ‘Google’ themselves occasionally,” added Amit. “Enterprises should find solutions that are built work with their environment to block certain processes, like accepting contacts. And some of the older social networks will need to look at their infrastructure side particularly to do with predicating and validating authentication methods.”