E-Threats Forecast for 2010

16 December 2009
The year 2009 witnessed a wide range of security threats aimed at both end users and corporate networks.

The Downadup worm (also known as Conficker or Kido) surged dramatically and managed to stay one of the top three global e-threats during 2009. Although not entirely dangerous (as variants A, B and C had no malicious payload), its spreading mechanisms and its resistance to detection may be regarded as the cornerstone of the upcoming breeds of highly-destructive malware.

Botnet activity

Botnets are the core of most of the businesses involving malware. They are relatively easy to maintain and they provide a criminal organization with unimagined computing power for multiple purposes, such as sending spam, performing distributed denial-of-service attacks or pay-per-click revenue abuse.

  • Spam sent by botnets will keep the ascending pace we witnessed in 2009.
  • Distributed denial-of-service attacks will also increase, as more and more Internet users switch from cable modems to high-speed Internet connections such as optical fiber or broadband wireless. The attackers will mostly focus on financial institutions, web-based casinos or large companies to force them to pay amounts of money in exchange for "protection".

Malicious applications

The vast majority of malicious applications are oriented towards illicit financial gains. BitDefender estimates that the next year will bring an increased amount of malware, especially of adware applications and rogue antivirus software. More complex malware, such as rootkit-based file infectors and worms relying on multiple vectors of infection (e-mail, instant messaging and peer-to-peer protocols), are also expected.

Social networking

Building on their experience with Facebook and Twitter, malware authors are expected to extend their reach with the new Google Wave, as the search engine's instant messaging service gains popularity. Facebook and Twitter will also stay in attackers' crosshairs, given the fact that Facebook has surpassed 350 million users. Spam and phishing attempts targeting social networking users are also expected to rise.

Apart from the fact that social networking websites are expected to become one of the most important vectors of infection, they are also likely to trigger other security incidents such as involuntary public disclosure of sensitive information.

Operating systems

Microsoft's newly-launched operating system Windows 7 has proved to be much safer than its predecessors. However, as users transition from XP and Vista to Windows 7, malware authors will focus on finding software vulnerabilities and security breaches in the operating system.

Apple Mac OS X users should also consider adopting an anti-malware suite in order to avoid trouble. Apart from the usual spam and phishing attempts that are platform-independent and target any computer user connected to the Internet, Apple's transition to the Intel hardware platform will unleash new opportunities for attackers that are currently writing malware for Windows.

Mobile operating systems

The latest iteration of iPhone (the 3GS family) dramatically increased the iPhone user-base, and many of them have decided to jail-break the operating system in order to install third-party applications. Jail-breaking involves activation of the SSH service with a default password and root access. BitDefender expects that 2010 will bring new e-threats focusing on the rapidly-growing mobile platform, especially worms and password-stealing Trojans.

On the contrary, Android and Maemo users will be spared. Given the fact that their market share is still insignificant as compared to Windows Mobile, Symbian and iPhone OS, malware authors will not focus their efforts on finding vulnerabilities, but rather strengthen their efforts on social engineering attacks.

Enterprise threats

Microsoft's Windows Server 2008 R2 Hyper-V and the VMWare vSphere virtualization technologies have opened new opportunities for small and medium businesses. Accommodating multiple servers on a single machine with virtualization will dramatically contribute to cutting down on costs. During 2010, remote attackers are expected to look for vulnerabilities in software that would allow them to seize control over the hypervisor and, implicitly, over all the virtual machines deployed on the system.

Cloud computing services are also living their heyday. No matter whether they are used for e-mailing (such as Google's Gmail service) or for data storage and backup, the cloud technologies hold and process significant amounts of sensitive data. It is just a matter of time until attackers shift their focus to these infrastructures to seize control over or limit access to these cloud resources.

Netbooks and PDAs will slowly become security risks in corporate environments as their adoption ramps up. These intelligent devices are extremely small; in fact, they are so small that they can be easily lost or snatched by a thief. If their physical value is sometimes negligible, the data stored on the local HDD is priceless. Since netbooks do not come with Trusted Platform Modules or other types of hardware / software encryption and cannot be managed remotely (in order to wipe the HDD clean in case of loss/theft), sensitive information may land in the wrong hands.

 





Bogdan never trusts anything until it is disassembled into small pieces and carefully inspected. The passion for writing and the almost obsessive attention to details are some of his greatest qualities and, at the same time, some of his greatest flaws.

Comments:

niza abbas said on Dec-21-2009 11:57

hoping to get a free one year license:)
