If this year will be remembered for high-profile data breaches, with the TJX break-in topping a long list, then what troubles are in store for 2008?
Predictions include more powerful hacker botnets that elude shutdown and growth in numbers of compromised Web sites that attack trusting, unsuspecting visitors. Those are some of the picks from Symantec’s director of emerging technologies, Oliver Friedrichs. A rundown of his top five:
“Today’s bots are fairly centralized with a command-and-control center,” he says. “In the future, they’re going to be more peer-to-peer, and it will make bots more difficult to take down.” Friedrichs says the Storm worm is the best example so far of a decentralized botnet. “It surfaced in January, and it’s still going strong.”
In particular, trusted Web sites that are compromised, with attackers loading them up with malicious code to attack unsuspecting visitors. The year started with the hack of the Web sites of Dolphin Stadium and the Miami Dolphins right before the Super Bowl game, causing them to dispense attack code to visitors. Social-networking sites appear to be ripe for this approach. The recent hack of Alicia Keys' Web site on MySpace is likely a harbinger of more to come.