Trilight Zone

[tricore]

McAfee Avert Labs has announced its top ten predictions for security threats in the coming year.

The top ten threats looming large over 2007, as per McAfee, are:

The number of password-stealing Web sites is expected to increase using fake sign in pages for popular online services such as eBay. By contrast, the number of attacks on ISPs are expected to decline, while those aimed at the financial sector are expected to remain steady.

The volume of spam will continue to increase, especially image spam which eats up bandwidth, as it is around three times the size of text-based spam.

Hackers will increasingly target MPEG files as a means to distribute malicious code, thanks to the growing popularity of video sharing on the Web.

As mobile devices become 'smarter' and more connected with BlueTooth, SMS, instant messaging, email, WiFi, USB, audio, video, and the World Wide Web, mobile phone attacks will increase. Things like "SMiShing" or phishing by email and porting to SMS would also increase.

With the increase in commercial Potentially Unwanted Programs (PUPs), Adware will go mainstream.

Identity theft and data loss will continue to be a public nuisance with computer theft, loss of back-ups, and compromised Information systems more often than not at the root of these e-crimes.

Hackers will increasingly favor Bots or computer programs that perform automated tasks; however there will be a shift away from Internet Relay Chat (IRC)-based communication mechanisms towards less obtrusive Bots. 'Mules' or work-at-home type jobs offered through very professional-looking Web sites will continue to be an important aspect in Bot-related money spinning schemes.

Currently, parasitic malware, or viruses that modify existing files on a disk, account for less than 10 percent of all malware; however these will make a comeback. In 2006, three of the popular polymorphic parasitic file infectors identified were W32/Bacalid, W32/Polip, and W32Detnat.

Rootkits on 32-bit platforms will increase in number, but the saving grace is that protection and remediation capabilities will also increase.

The number of disclosed vulnerabilities will rise, thanks to the increased use of fuzzers that allow for large scale testing of applications.

McAfee observes that typically, there is a rise in professional
and organized crime in malware creation, sophisticated techniques are becoming the more favored, and threats are increasingly being packed or encrypted to disguise their malicious intent.

Jeff Green, Senior Vice President of McAfee Avert Labs and Product Development, said, "Within a short period of time, computers have become an intrinsic and essential part of everyday life, and as a result there is a huge potential for monetary gains by malware writers."

"As we see sophisticated techniques on the rise, it's becoming increasingly hard for the general user base to identify or avoid malware infections," Green said.

As precaution, McAfee advises users to stay protected, stay constantly updated with the latest Data Definition Files (DATs), install the latest patches, and adopt and implement a multi-layered approach to detecting and blocking of attacks.