Research analysts at Gartner are predicting a sticky web of security hazards -- ranging from targeted financial attacks to spyware to rootkits -- for IT professionals during the next two years.

Gartner released the list of six threats on Monday during its IT Security Summit in London, part of the company's "hype cycle" reports that track technology trends. The threats, Gartner said, have a "potential to inflict significant damage" on businesses. They are:

Cyberattacks with a financial motive: Criminals may try to steal customer data or information to hurt a company's reputation. Corporations should run more penetration tests to detect network holes and install more aggressive intrusion-detection systems, along with the usual signature-based antimalware software.

Identity theft: While the number of victims has remained steady, defenses against these attacks -- which seek to assemble enough personal information, for example, to a open bank account in someone else's name -- are still poor. Companies can defend themselves with stronger authentication methods, encryption, better access control and database monitoring.

Spyware: This insidious software often transparently infects computers, recording actions such as keystrokes. Over the next two years, 20% to 50% of companies will become infected with spyware, Gartner said. Companies should look for antivirus and antispam functions in antispyware software.

Social engineering: Clever tricks by cybercriminals can dupe users into revealing sensitive network information. Users, for example, could be tricked into downloading a malicious software program if they think it came from a co-worker. Clear and consistent security policies will prevent users from making mistakes such as sending confidential information to a competitor.

Viruses: This perennial problem remains. Companies should deploy security software that uses updated signatures, which detect new variations of malware, to stop infections. IT administrators also should improve patching and vulnerability detection techniques.

Rootkits: Gartner predicts increasing trouble from rootkits over the next five to 10 years. These modified system files are difficult to find because they bury themselves within an operating system. From there, rootkits could offer an attacker the same control as the computer's administrator.

The IDG News Service is a Network World affiliate.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology

View more SECURITY whitepapers

Webcasts

• The Secure Web Gateway. Mission Critical For Business - Webcast
• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports