It was the year of the data breach in 2007, with the TJX fiasco topping a long list of data heists. So what afflictions are in store for 2008?
Look for a rising number of compromised Web sites that quietly attack unsuspecting visitors, “parasitic” malware that eats desktop files, and a stream of exploits targeting high-profile events such as the 2008 Olympics and the U.S. presidential elections, experts warn.
The 2008 Olympics in China “is a global worldwide news event, and Web sites and networks for it are potential places to infect people,” says Dan Hubbard, vice president of security research at Websense, the firm that spotted the infected Super Bowl sites last February.
“The 2008 Olympics will be used as a lure for fraud, too. Massive amounts on an international scale,” Hubbard adds.
The U.S. presidential election in ’08 will provide another high-profile opportunity for attackers and fraudsters.
During the presidential race in 2004, “we saw phishing against the Edwards campaign,” says Oliver Friedrichs, Symantec’s director of emerging technologies. “And there was a denial-of-service attack against the Lieberman site.”
This time around, the possibilities include a criminal or extremist supporter registering a typo-domain that mimics the Web site of a political opponent; when contributions come in, they’re either pocketed or contributed to someone else’s campaign, Friedrichs says.
Many observers predict botnets will mimic the success of 2007’s most infamous one -- Storm -- by using decentralized command-and-control structures to make them much tougher to shut down.
“Storm is a trend setter,” says Craig Schmugar, researcher at McAfee. “A lot of the spam we see is coming across Storm-compromised machines.”
Schmugar adds that the security firm is seeing a malware wave of “parasitics,” which look for specific files and embed themselves.
“We’ve seen a 400% increase in parasitics such as Philis in 2007; Virut is active and Almanahe, which has a rootkit,” Schmugar says. To combat infection by parasitics, “you have to isolate the parasitic code within the host code,” he notes. “If it overwrites the good code, you may never get it back.”
Jon Gossels, president of consultancy SystemExperts, says the online threat profile has certainly shifted from the classic teenage hacker to one where organized crime, hostile foreign governments and industrial espionage are more dominant concerns.
But for security managers, the day-to-day struggle is likely to focus on achieving regulatory compliance, Gossels says. He notes there will be at least one new Payment Card Industry standard for application security next year. And in the healthcare arena, there’s a renewed push for security in part because the U.S. Department of Health and Human Services for the first time has begun enforcement actions and levied fines based on complaints.
“This is all driving a lot of interest in data-leak prevention,” Gossels says. “There will be a lot of focus on that next year.”