After a year of unprecedented proliferation of spyware, malware and cyber attacks of all types, security software vendor Symantec warns there’s plenty more where that came from in its just-released 2010 Security Trends to Watch report.

Kevin Haley, Symantec Security Response group product manager, this week posted an ironic blog entry titled “Don’t Read This Blog” to draw attention to the company’s latest report and to illustrate how Internet users have been conditioned to click any compelling link without regard to the possible—and often probable — security consequences of their actions.

“We love to click,” he wrote. “Clicking on links and attachments that are accompanied by just the slightest bit of social engineering appears to be a basic human need.”

The dirty baker’s dozen

Whether you’re using your mobile phone to check e-mail and surf the Web or an enterprise IT administrator charged with safeguarding your company’s data, Symantec says the following 13 security issues will be most relevant in 2010:

1) Antivirus is not enough

With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus (including both file signatures and heuristic/behavioral capabilities) are not enough to protect against today’s threats. We have reached an inflection point, where new malicious programs are actually being created at a higher rate than good programs.

Approaches to security that looks for ways to include all software files, such as reputation-based security, will become key in 2010.

2) Social engineering as the primary attack vector

More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred on by the fact that what operating system and Web browser rests on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine.

3) Rogue security software vendors escalate their efforts

In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best.

For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.

4) Social networking third-party apps will fraud targets

With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being targeted toward social site users to grow.

As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking account information, just as we have seen attackers take advantage of browser plug-ins more as Web browsers themselves become more secure.

5) Windows 7 will come in the crosshairs of attackers

Microsoft has already released the first security patches for its new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is. And the more complex the code is, the more likely that undiscovered vulnerabilities exist.

Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.

6) Fast Flux botnets will increase

Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command-and-control, Web-based load balancing and proxy redirection, it makes it difficult to trace the botnets’ original geo-location.

As industry countermeasures continue to reduce the effectiveness of traditional botnets, expect to see more using this technique to carry out attacks.

7) URL-shortening services become the phisher’s best friend

Because users often have no idea where a shortened URL — particularly from Twitter — is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on.

8) Mac and Mobile Malware Will Increase

In 2009, Macs and smartphones will be targeted more by malware authors. As Mac and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices. To be honest I have heard  for the years since OS X was released and never saw any major attacks.

9) Spammers breaking more rules

As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the Federal Trade Commission’s Can-Spam Act, there will be more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.

10) As spammers adapt, volume will continue to fluctuate

---

Filed under: Security - @ December 8, 2009 4:49 pm