Top 10 security predictions for 2009

What will next year hold in the ever-changing world of IT security?

Although the threats keep multiplying, most would agree that in the current economic climate, budgets are unlikely to grow significantly.

This means that there will be more consolidation in the security field and means that instead of multiple boxes carrying out single functions, it will be consolidated into single boxes.

In 2008 this has already been happening, but with budgetary pressures there is no doubt this will accelerate.

It will also be interesting to see how the new focus on data security will affect the way businesses work, and whether there will be a change of focus in security to securing the data, rather than protecting the network.

Advertisement - Article continues below

Mobile computing hacks

The growth in popularity of smartphones will make them a bigger target to criminals as they will not have the security protection that PCs have had for years.

Applications and associated data will be accessed from anywhere and make them a big target for hackers. IT administrators need to be on their guard as these threats will have multiple points of entry, targeting different devices and applications.

This is made even more important by the fact that the use of mobile internet will have increased significantly by the end of 2009.

The value of the data that new sophisticated phones will carry will mean that subscribers will expect mobile operators to take greater security measures to protect personal data, especially when mobile commerce takes off.

The new generation of botnets

At the end of 2008 many of the biggest botnets were taken down with the closing of the McColo server. MessageLabs predicted that these will find new hosting services in countries such as Russia or China, improving botnet technology.

A particular sophisticated type of botnet that was described takes the form of hypervisor technology, with malware existing as a virtualisation layer running directly on the hardware and incorporating key operating system calls.

The "real" operating system remains unaware of the existence of underlying malware controlling the computer. Particularly technical attacks like SQL injection and cross-site scripting will also continue, and become more commonplace in 2009.

Cyber hacking on virtual worlds

Advertisement - Article continues below

Like social networking, hackers are likely to move away from the traditional forms of email spamming and move towards the potential goldmine of virtual worlds.

This could be gaming universes like World of Warcraft, or more social reality-based worlds like Second Life, where stolen virtual goods could be sold for real hard cash.

Users are often more relaxed about their personal details in online worlds, and this means that there could be a good opportunity for criminals to create technology which steal this data.

The increasing use of virtual worlds by businesses will also be a factor, as the value of data that these worlds will carry may grow significantly. This will make it more profitable, and therefore attract more criminals.

Reputation hijacking flourishes

The vulnerability in the design of the Domain Name System (DNS) found by Dan Kaminsky could in theory poison a server's cache causing people sending emails or requesting a website to be given the wrong IP address.

This could mean victims are sent to a fake website which is looking for personal details, but looks perfectly real. If organised gangs manage to exploit this DNS vulnerability it could mean a whole different set of problems in 2009.

There was a multi-vendor patch deployed in August to protect servers from attack, but it has been made clear that the vulnerability had only been slowed down not eliminated.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now

Most Popular

mergers and acquisitions

Xerox threatens hostile takeover after HP rebuffs $30bn takeover

22 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
IT infrastructure

TSB payment delays suggest second IT meltdown

22 Nov 2019

Salesforce takes AWS relationship to the next level

19 Nov 2019