Wednesday, December 12, 2007

10 Security Trends and Predictions

A Snapshot of the X-Force team's annual report

  1. The VOLUME OF SPAM DOUBLED from 2005 to 2006. The U.S., Spain and France are the three largest originators of spam.
  2. Local-Language spam will grow as cyberprowlers increasingly target specific countries. Currently, 93 PERCENT OF SPAM MESSAGES are written in English.
  3. FOUR OF THE TOP FIVE COUNTRIES targeted by phishing scams are also part of the top 10 countries hosting shopping and banking websites. These include the U.S., U.K., Germany and Canada.
  4. The quantitiy of "unwanted" Web content such as VIOLENCE, CRIME, PORNOGRAPHY AND SEX NEARLY DOUBLED IN 2006. The U.S. is the top hosting site for this content, followed by South Korea.
  5. Image-based spam techniques will grow increasingly sophisticated. In 2007, NEW FORMS OF IMAGE-BASED SPAM likely will evade exisitng protection solutions.
  6. Much like a biologic virus, MALWARE WILL CONTINUE TO EVOLVE and change characteristics. The classic malware groups (virus, rootkit and spyware) will blend, making stand-alone security products less relevant in 2007.
  7. Web exploit obfuscation and encryption technologies are increasingly popular, making it dificult for signature-based INTRUSION DETECTION and prevention products to detect attacks.
  8. HACKERS ARE INCREASINGLY TARGETING WEB BROWSERS. Managed exploit providers are purchasing exploit code from the underground, encrypting it so that it cannot be pirated, and selling it for the top dollar to spam distributors. As a result, signatured-based protection systems will become less effective in 2007.
  9. NEW OPERATING SYSTEM RELEASES - coupled with new applications for those operating systems - will likely push the number of vulnerabilities higher in 2007.
  10. Vulnerabilities are not a Windows- or Microsoft-specific problem. In fact NEARLY 97 PERCENT OF VULNERABILITIES don't involve Microsoft's software.

No comments: