The Hindu Business Line : Online security threats to rise further

Pune, Dec. 29 Explosion of malware variants, advanced Web threats, economic crisis, increased spam levels, virtual machine security, the ‘cloud’, increased use of rich Internet applications such as flash and google gears for malicious purposes, attackers taking advantage of the programmable Web, continued siege against Web sites with ‘good’ reputation… these are some of the predictions in the security arena for 2009.

Mr Amit Nath, Country Manager, India and SAARC, Trend Micro, says hackers would use techniques that closely resemble normal codes and continue to use internet browsers and other Web-able applications such as Flash and streaming media players as the infection vector of choice.

Although threats exploiting bugs on “alternative” operating systems like Linux and Mac will persist, Microsoft will remain a favourite target of malware authors. “With the release of Windows 7 in 2009, cybercriminals will definitely make efforts to debunk any claims that new Windows will be “virus-free”. Proof-of-concept malware will take advantage of Microsoft Surface, and as mentioned earlier, threats will also exploit Silverlight and Azure,” he said.

‘Cloud’ attack

Mr Manish Bansal, Marketing Manager, Websense India, is of the opinion that there would be an increase in the misuse of ‘cloud’. The cloud may be used simply to send spam or to launch more sophisticated attacks including hosting malicious code for downloads, uploading stats, and testing malicious code.

With the growing adoption of browser-based Web applications, the Rich Internet Applications (RIA) security is an afterthought. It would see some large-scale attacks using both exploits found within the core RIA components as well as the user-created services that allow attackers to remotely execute code on user’s machines.

On economic issues

Mr Shantanu Ghosh, Vice-President, India Product Operations, Symantec, is of the opinion that the global economic crisis would be the basis of many new attacks. This will include phishing attacks (e.g. whose fictitious premise might surround the closing of a given bank).

Similarly, attacks may also exploit other types of fraudulent activity such as around the economic issues including e-mails that promise the ability to easily get a mortgage or refinance. “Expect to see an increase in scams that prey on people who have had homes foreclosed, an increase in work-from-home scams targeting the unemployed and an increase in spam that mimics job sites.”

Targets

Through 2008, Internet use in China overtook that of the US. Based on this rapid growth and early spam samples, MessageLabs experts predict that in 2009 the emerging markets will be more heavily targeted with spam delivered in the local language.

Growth in foreign language spam, especially Asian character spam, would increase from present five per cent to around 10 per cent. Mr Nath added that cyber criminals were becoming adept at leveraging the “exploit window of opportunity” by introducing Zero-Day exploits immediately after Microsoft’s monthly ‘Patch Tuesday’ exercise.

Their timing shows the more professionalised approach to maximise the “time-to-exploit” opportunities, and “we will see more of this in 2009.”

Related Stories:
Perils of wireless Internet
New threats to the Net