Top 10 security predictions for 2009

What will next year hold in the ever-changing world of IT security?

New tech means new ways for criminals to attack systems. Next year will see hackers get smart about cloud computing, social networking and more. Here's our top ten threats to keep an eye on...

Malware 2.0

Malware will increasingly target Web 2.0 as well as cloud services. New cloud-based services - such as Amazon Web Services and Microsoft Azure - are vulnerable new targets for cybercriminals or spammers.

Advertisement - Article continues below

The cloud could be used simply to send spam, but it also could launch sophisticated attacks such as hosting malicious code for downloads.

Web 2.0 has also created an environment where malware can change depending on an event or a situation. Separate harmless bits of malware can be constructed to combine and maliciously attack.

A good example of this is with mash-ups, where data from many websites can be reconstructed to create something malicious.

Malware-as-a-service becomes more common, which will allow automated malware to be bought and sold to order. This will be a big problem, as it lowers the technical level needed for criminals to become online fraudsters.

An explosion in new malware variants and web threats

Anti-virus vendor Symantec claims that new strains of malware consisting of millions of distinct threats can propagate as a single, core piece of malware. This will create a number of unique malware instances.

Advertisement - Article continues below
Advertisement - Article continues below

Indeed, research has shown we have now reached an inflection point where we are now more malicious programs than legitimate ones. Businesses and vendors need to move away from signatures and concentrate on detection methods, such as the reputation-based approach.

As web services keep increasing, and as browsers start to move towards a uniform standard for scripting language, expect new web-based threats.

Social networking spam

As the year went on, criminals were gradually moving from email-based spam to different techniques. One of these was social networking spam, where websites such as Facebook and MySpace were targeted.

Personal information is gold to the bad guys, and they will learn better tricks to persuade users to give away their details and find ways to access private accounts.

The rise in popularity of social networking sites that allow user-generated content will be a problem. Web spam will increase as will malicious posting into user-forums and blogs.

Advertisement - Article continues below

Security firm Websense claims that new web attack toolkits have emerged that allows attackers to discover posts and/or have vulnerabilities. Bots may also add more HTTP post functionality among their many capabilities.

More legitimate website hacking

It arose as a big problem in 2008 and is sure to continue next year, as criminals realise that hacking a legitimate website is a great way to persuade users to click and downloads malicious files.

Many users are still unfamiliar with web-based malware and 2009 could a boom year as cybercriminals look to capitalise on this ignorance. It is a very recent evolution to exploit flaws in browsers and web servers, and new toolkits are now constantly being made to take advantage.

The fact that these toolkits often don't need users to have a great technical knowledge lowers the barrier for entry for cybercriminals and pushes the threat level even higher than before.

Advertisement - Article continues below

Unemployment creates more cybercriminals

The credit crunch will affect the security landscape in a number of ways. One of the scariest prospects is that the economic downturn will make it tempting for unemployed IT workers to use their technical knowledge to commit internet crime.

It's a very lucrative business - and as mentioned before - the growth of malware-as-a-service will make it very easy for people to make money on the web, even if they lack the right technical knowledge.

It could also be a problem in developing countries, as the lack of IT jobs could force qualified and skilled technical workers into the arms of criminal gangs, who will exploit their skills in aid of making money over the web.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now

Most Popular

How to find RAM speed, size and type

How to find RAM speed, size and type

3 Aug 2020
Labour Party donors caught up in Blackbaud data breach
data breaches

Labour Party donors caught up in Blackbaud data breach

31 Jul 2020
How do you build a great customer experience?

How do you build a great customer experience?

20 Jul 2020