Top 10 security stories of 2008
What were the particular hot topics in security that caught the attention of IT PRO readers this year?
The level of technical knowledge needed to become an online fraudster lowered significantly this year, as savvy criminals took many of the IT industry's successful business principles and made them their own.
Malware-as-a-service was big this year, and it looks like 2009 this will become even more common as the credit crunch makes it more tempting for techies and ordinary users alike to make some good money by stealing data.
It started in 2007 with the HMRC breach, and due to the uproar that followed, 2008 was the year that data breaches in the public and private sector began to be reported.
It was a gradual learning process, but it is only now that those in charge have started to realise their responsibilities in taking care of the private data that they hold.
According to research, the average cost of a data breach by record is 47. That's a lot when you consider the number of records that businesses and the private sector tend to hold. It's in all of our interests that data is kept as safe as possible from being lost, be it taken maliciously or accidentally.
This was one of the big headline threats this year, as Dan Kaminsky found a problem at the very heart of the way the internet works with a problem with the Domain Name System (DNS).
This meant that if a managed to take advantage users could be transported to malicious made-up sites even if they typed legitimate addresses. This could also create serious problems with online transactions and email.
Hacking was back in the news as Gary McKinnon desperately fought to avoid being extradited to the US for crimes against the military. As IT PRO revealed, he wasn't the first to have been involved in committing malicious acts online.
Interestingly only one of the hackers mentioned in the feature was doing it for financial gain the reasons for the other hackers included revenge, curiosity and even simply as pranks.
It's a whole different playground now, and the new generation of hacker is out there but they won't be silly enough to have their work as seen as public knowledge like these guys.
One of the biggest threats to surface this year was web-based malware which found its way to users via legitimate sites and drive-by downloads.
This particular incident was one of the largest attacks of its kind as criminals worked out that one of the best ways to get users to download malware was to target websites that people knew and trusted.
It's a clever way to get malware on machines, effectively piggy-backing' on the reputation of other sites.
Another example was with the Asprox' Trojan, which managed to infect thousands including the NHS website .
Trojan horses were a constant bane for the security and anti-virus vendors to deal with, and file sharing also became a problem, as McAfee reported what it claimed was the most significant malware outbreak in three years.
It was done using file sharing as users passed infected video and music files which were sent over peer-to-peer file sharing services.
Navigating the new normal: A fast guide to remote working
A smooth transition will support operations for years to comeDownload now
Leading the data race
The trends driving the future of data scienceDownload now
How to create 1:1 customer experiences at scale
Meet the technology capable of delivering the personalisation your customers craveDownload now
How to achieve daily SAP releases
Accelerate the pace of SAP change to support your digital strategyDownload now