- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
It was the year of the data breach in 2007, with the TJX fiasco topping a long list of data heists. So what afflictions are in store for 2008?
Look for a rising number of compromised Web sites that quietly attack unsuspecting visitors, “parasitic” malware that eats desktop files, and a stream of exploits targeting high-profile events such as the 2008 Olympics and the U.S. presidential elections, experts warn.
The 2008 Olympics in China “is a global worldwide news event, and Web sites and networks for it are potential places to infect people,” says Dan Hubbard, vice president of security research at Websense, the firm that spotted the infected Super Bowl sites last February.
“The 2008 Olympics will be used as a lure for fraud, too. Massive amounts on an international scale,” Hubbard adds.
The U.S. presidential election in ’08 will provide another high-profile opportunity for attackers and fraudsters.
During the Presidential race in 2004, “we saw phishing against the Edwards campaign,” says Oliver Friedrichs, Symantec’s director of emerging technologies. “And there was a denial-of-service attack against the Lieberman site.”
This time around the possibilities include a criminal or extremist supporter registering a typo-domain that mimics the Web site of a political opponent, and when contributions come in, they’re either pocketed or contributed to someone else’s campaign, Friedrich says.
Many observers predict botnets will mimic the success of 2007’s most infamous one -- Storm -- by using decentralized command-and-control structures to make them much tougher to shut down.
“Storm is a trend setter,” says Craig Schmugar, researcher at McAfee. “A lot of the spam we see is coming across Storm-compromised machines.”
Schmugar adds that the security firm is seeing a malware wave of “parasitics,” which look for specific files and embed themselves.
“We’ve seen a 400% increase in parasitics such as Philis in 2007; Virut is active and Almanahe, which has a rootkit,” Schmugar says. To combat infection by parasitics, “you have to isolate the parasitic code within the host code,” he notes. “If it overwrites the good code, you may never get it back.”
Jon Gossels, president of consultancy SystemExperts, says the online threat profile has certainly shifted from the classic teenage hacker to one where organized crime, hostile foreign governments and industrial espionage are more dominant concerns.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment