Rising security threats from mobile, social networks

  • Windows 7 will gain market share during 2010. Windows XP will drop below 50% market share overall and will thus reduce the amount of "low hanging fruit." This will improve Internet security in affluent countries and it will perhaps begin to create malware ghettos in less affluent countries as cyber-criminals concentrate their efforts on the remaining installed base of Windows XP. Whether attackers continue to focus on Microsoft Windows alone or whether they diversify to include OSX and mobile platforms remains to be seen.
  • Real-time support in search engines such as Google and Bing will affect the frequency and manner of Search Engine Optimization (SEO) attacks.
  •  The 2010 FIFA World Cup will generate a good number of related trojans, fake ticket shops, spam, online shop hacking, and DDoS attacks. There could already be SEO attacks months before the matches actually take place in June. South Africa's mobile phone networks will be a hotbed of activity during the games.
  • Web search results leading to "location based attacks" using geo-location IP address techniques will increase. They will be localized in terms of language, current news events, and even regional banks that they target.
  • There will be more attacks against online banks with tailor-made trojans. There will be more iPhone attacks, possibly also proof-of-concept attacks on Android and Maemo. We could also see a 0-day vulnerability used in a large scale exploit.
  • More snowshoe spamming. Snowshoe spamming is a technique used by spammers to spread spam output across many IPs and domains, in order to dilute reputation metrics and evade filters, just like a snowshoe spreads the load of a traveler across a wide area of snow.
  • At least one large-scale DDoS attack against a nation-state is likely.
  • We may see a large-scale internal attack against a target such as Google Wave.
  • There will be more attacks on social networks such as Facebook, Twitter, Myspace, Linkedln, etc. Facebook has now reached 350 million accounts and its growth doesn't yet show signs of slowing. This concentration of people and data is a very tempting target for cyber-criminals to exploit.
  • As internet search engines and social networking sites work towards "social search results", we'll see black hat social search optimization attacks.
  • As more people connect via the mobile networks, the amount of traffic and activity such as banking, gaming, and social networking increases in step. With mobile banking and in-game purchasing gaining popularity, the financial motivation becomes stronger to spy on such transactions. Integrated social networking applications are also driving mobile phones users to be "always connected." Cyber-criminals will use social engineering to exploit this trend.
  •  Attacks related to online games will continue. Such sites and games are particularly popular in the Asia-Pacific region. Not enough focus is put on securing them and the problem will be further fuelled by the fact that many users are younger and therefore more vulnerable to experienced cyber-criminals.
  • There will be significant data base compromises that lead to tailored attacks. Cyber-criminals now have the resources to analyze, plan, and carry out mass-targeted attacks.

Read more about F-Secure's security threat forecast at http://www.f-secure.com/weblog

BACK TO 2010 PREDICTIONS

Suggested Articles

Wireless operators can provide 5G services with spectrum bands both above and below 6 GHz—but that doesn't mean that all countries will let them.

Here are the stories we’re tracking today.

The 5G Mobile Network Architecture research project will implement two 5G use cases in real-world test beds.