Burgeoning Web 2.0 platforms will figure significantly in the IT threat landscape in the coming year, say researchers for security vendor Websense.
The company anticipates hackers will use profile information and the demographics of specific social networking sites to better target their attacks. And the proliferation of social networking applications, widgets and mash-ups increases the likelihood of “weak link” attacks on vulnerable sites and content.
Those are two of the trends the company outlined in its Top 10 list of security threats for 2008.
Attackers are relying on “transitive trust,” says Stephan Chenette, manager of the San Diego, Calif., vendor’s security lab. Ads, mash-ups and widgets that are appearing on trusted sites are hosted in another location. “That site isn’t responsible” for the code, which could draw the user to a malicious site.
“A lot more spam messages are claiming to be from Facebook and other social networking sites,” Chenette says. Because people are used to receiving Facebook messages and clicking on requests, they’re more likely to respond.
“It’s that moment of trust when they see it and click.”
The renaissance of the Apple brand, thanks in large part to phenomenal iPhone sales, means users who were once protected by hackers’ lack of interest in the platform because of its small footprint in the consumer market will see more attacks targeting Macs.
“Both Mac and Linux users in the past assumed security,” says Chenette. “With the increased usage of Macs, there will be more Mac attacks.” And while any smart phone is vulnerable, the iPhone will be particularly targeted because of its popularity.
Malicious sites are also using browser and operating system detection to target attacks to specific platforms, he said.
And the company anticipates large-scale denial of service attacks, fraud and phishing associated with the summer Olympics in Beijing. Event-based attacks are common, Chenette says. The Web site for the NFL football Miami Dolphins franchise was hacked and mined with exploit code last January in the weeks leading up to the NFL championship game, which was hosted in Miami.
“The event occurred just before the Super Bowl, when the hackers knew there would be a lot of traffic,” he says.
Also, China ranks with Russia and Brazil at the top of the list of sources of malware, phishing attacks and other exploits. Chenette predicts an associated spam run or hack of the site.
Other threat trends to watch for, according to Websense:
- Spam and fraud will cross over to the ever-growing cell phone population, and “vishing” attacks will target voice over IP users, luring them to input credentials over the phone line.
- Hackers will increasingly use Web spam in forums, blogs and commentary areas of news sites to drive surfers to malicious Web sites.
- More attacks will be launched from compromised sites – otherwise legitimate Web sites that have been altered to host a malicious payload – than from sites created by attacker for that specific purpose.
- Polymorphic JavaScript, or Polyscript, will be used to serve up a uniquely coded Web page for every visit to a malicious site, making it difficult for signature-based scanning technologies to detect.
- The use of data concealment technologies such as embedding data within protocols and media files will increase.
But Websense researchers also predict a worldwide cracker crackdown by law enforcement, and the arrest of key members of a hacker group.
The Storm attack is the largest professional botnet play in the history of the ‘Net, and its exposure means the location and patterns of the creators can’t elude authorities forever.
“We predict key members of organized attacks are going to be taken down” in the next year, Chenette says.