2010 Cyberthreat Forecast From Kaspersky Lab
When Kaspersky Lab was asked what would happen in 2009, a rise in global epidemics was at the top of its prediction list. With the year not quite closed out, Kaspersky Lab, a leading developer of Internet threat management solutions that protect against all forms of malicious software, has already seen that prediction come true. 2009 was dominated by sophisticated malicious programs with rootkit functionality, Conficker, web attacks and botnets, SMS fraud and attacks on social networks.
With the start of 2010 quickly approaching, researchers and analysts from Kaspersky Lab have come up with a list of six predictions for what will be the New Year's greatest threats and newest attack vectors.
- A rise in attacks originating from file sharing networks. In the coming year we will see a shift in the types of attacks on users, from attacks via websites and applications toward attacks originating from file sharing networks.
- An increase in mass malware epidemics via P2P networks. In 2009 a series of mass malware epidemics has been "supported" by malicious files that are spread via file sharing networks. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, we expect to see a significant increase in these types of incidents on P2P networks.
- Continuous competition for traffic from cybercriminals. The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. In the future, we foresee the emergence of more "grey" schemes in the botnet services market. These so-called "partner programs" enable botnet owners to make a profit from activities such as sending spam, performing denial of service (DoS) attacks or distributing malware without committing an explicit crime.
- A decline in fake anti-virus programs. The decline in gaming Trojans witnessed in 2009 is likely to be repeated for fake anti-virus programs in 2010. Conficker installed a rogue anti-virus program on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen. Additionally, this kind of activity is now being closely monitored by both IT security companies and law enforcement agencies, making it increasingly difficult to distribute fake anti-virus programs.
- An interest in attacking Google Wave. When it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.
- An increase in attacks on iPhone and Android mobile platforms. 2010 promises to be a difficult time for iPhone and Android users. The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals. The only iPhone users currently at risk are those with compromised devices; however, the same is not true for Android users, who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS, combined with a lack of effective checks to ensure third-party software applications are secure, will lead to a number of high-profile malware outbreaks.
Quote: Roel Schouwenberg, Senior Malware Researcher
Kaspersky Lab Americas
"Malware will continue to further its sophistication in 2010 with specific malware families requiring significant resources from anti-malware companies to adequately fight them. Third party program vulnerabilities will continue to be the target of choice by cybercriminals with Adobe continuing to be the main target. And finally I believe that with the introduction of real-time search, black hat SEO and social networks will become an even bigger focus of cybercriminals."
Press Release Dictionary:
- File sharing network: A network where distributing or providing access to digitally stored information takes place.
- P2P networks: Networks whose architecture is composed of participants that make a portion of their resources directly available to other network participants, without the need for central coordination or hosts.
- Denial of Service (DoS) attacks: An attack that attempts to make a computer resource unavailable to its intended users.
- Fake anti-virus program: A malicious program disguised to look like a real anti-virus program. The fake program will usually trick users into paying money to 'clean' their machines of fake infections, thus causing the malicious program to gain control of the machine.