Unique predictions include a potential cryptographic algorithm break, botnet turf wars, attacks on voting mechanisms for elections and reality shows, a major utility breach in the U.S. and hijacked computers held for ransom.
James Quinn, senior research analyst at Info-Tech Research Group Ltd., expects the push towards financial incentives will continue from the hacker’s perspective. But the biggest trend that will continue from 2009 into 2010, according to Quinn, is the increasing speed at which threats will evolve. “Security companies have gotten very, very good at responding to threats, and so as a result, bad guys have had to change the nature of the threat more rapidly… I think what we are going to continue to see is an increase in that rate of evolution,” he said.
Quinn also expects 2010 will be an interesting year in terms of reputation-based security software. While the model allows anti-malware vendors to work quickly by looking at where information is coming from, whether it works effectively still remains in question, he pointed out. “They are moving towards this model out of an efficiency basis, simply because there is so much good code and there is so much bad code available that it becomes impossible to work on a signature basis with any kind of performance,” he said.
The following is a compilation of potential upcoming threats to look out for in 2010, as predicted by the CA Global Advisory Team, Cisco, Symantec Hosted Services, Websense Security Labs and contributions from a group of security experts at Independent Security Evaluators.
ISE anticipates a major mobile worm attack. “Mobile phones are now small computers always attached to the Internet,” states ISE. “They contain personal information and make for an interesting component of a mobile botnet…. We got a worm this year against jailbroken iPhones… Next year will see the first worm against a major (off-the-shelf) mobile platform such as iPhone or Android.
“A major social networking site (Facebook, MySpace, etc) will shut down for an extended period of time, due to a hacking incident or a virus,” states ISE. “As more information is stored on these sites, they become more of a target.” Additionally, it would be a high profile attack for an attacker wishing to increase their ‘street cred.’ ‘Think Samy Worm except with malicious intent.”
ISE also predicts “a non-trivial break in a currently ubiquitous, trusted cryptographic algorithm” may occur. “There has been a lot of research in SSL lately, the protocol that fuels e-commerce.’ From Marlinspike and Kaminsky’s findings concerning null bytes in certificate names, to the SSL renegotiation bug, 2009 has been a rough year for crypto. This will continue in 2010 with a serious vulnerability in a currently trusted crypto algorithm being disclosed.”
ISE’s fourth prediction involves a major vulnerability discovered and/or a breach of a U.S. utility (power grid, nuclear, etc.). “With talk of cyberwarefare in the main stream media, researchers and attackers will be spending more time looking at SCADA systems associated with utility companies. Either a major flaw will be revealed by a security researcher or something ‘bad’ will happen when an attacker takes advantage of it,” states ISE.
Websense Security Labs noticed botnet gangs mimicking each other in 2009, anticipates the trend to continue in 2010 and expects it will lead to turf wars. “We anticipate more aggressive behaviour between different botnet groups, including bots with the ability to detect and actively uninstall competitor bots,” states Websense. “E-mail will gain “traction again as a top vector for malicious attacks,” states Websense. The company saw a “huge uptake in e-mails being used to spread files and deliver Trojans as e-mail attachments” in 2009.
“2010 will prove once and for all that Macs are not immune to exploits,” states Websense. The company also notes potential for “the first drive-by malware created to target Apple’s Safari browser.” Hackers have “noticed Apple’s rapid growth in market share” and have additional incentive to target Mac users because “many assume Macs are immune to security threats and therefore employ less security measures and patches,” states Websense. CA also highlighted an upcoming focus on Mac OS X, stating “malware actors will focus on the 64-bit and Apple platform.”
“As broadband connection penetration continues to grow across the globe, particularly in developing economies, spam in non-English speaking countries will increase,” states Symantec.
Highly specialized malware aimed at exploiting certain ATMs was detected in 2009 and the trend will continue in 2010, notes Symantec. This includes “the possibility of malware target ing electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.”
“Expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom,” states Symantec.
Other upcoming software scams include “rogue anti-virus vendors selling re-branded copies of free, third-party anti-virus software as their own offerings,” states Symantec. Specific tricks will be used to bypass User Access Control warnings in Windows 7, according to Websense.
“Another big computer worm like Conficker is likely,” states CA. “The increasing popularity of Web-based applications and discovery of critical zero-day vulnerabilities, especially for new operating systems such as Windows 7 and Google Chrome, present good opportunities for a new worm outbreak.”
Cisco expects “cybercrime techniques that have gone out of fashion to re-emerge in many developing countries.
Symantec predicts “one in 300 IM messages will contain a URL” and “one in 12 hyperlinks will be linked to a domain known to be used for hosting malware” by the end of 2010.
http://www.cio.com/article/511338/Security_Heavyweights_Predict_2010_Threats?source=rss_security