Reality Check

Expect These Security Trends to Dominate in 2010

Created: 14 Jan 2010 • Updated: 03 Jun 2014 • 6 comments
Ctrox

Recently, Symantec convened a panel of researchers to review the 2009 threat landscape and to discuss what we can expect in 2010.

The group was unanimous in saying what we saw this year was ugly. Botnets prevailed and took over as a primary means of disseminating spam and spreading malware, while social engineering attacks became more sophisticated.

But the group was also in agreement in saying that what we experienced this year will pale in comparison to what 2010 will bring: “fast flux” botnets will dominate, rogue security software vendors will up their game, and fraud targeted at social networking applications will grow.

That’s the bad news. The good news is that with some preparation and the right security solutions in place, we can continue to outsmart the bad guys.

Here are the security trends that are likely to be noteworthy in 2010: 

  • Social engineering will be the primary attack vector – More and more, attackers are going directly after end users and attempting to trick them into downloading malware or divulging sensitive information under the pretense that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred by the fact that it is the actual user being targeted, not necessarily vulnerabilities in a machine. Symantec estimates that the number of attempted attacks using social engineering techniques will increase in 2010.
  • Traditional approaches to antivirus aren’t enough – With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioral capabilities, aren’t enough to protect us. We have reached an inflection point where new malicious programs are being created at a faster rate than good programs. As such, we have also reached a point where it no longer makes sense to focus solely on analyzing malware. Instead, approaches to security that take all software files into account, such as reputation-based security, will be key in 2010. (See “How Reputation-Based Security Transforms the War on Malware.”)
  • Rogue security software vendors will escalate their efforts – In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that isn’t explicitly malicious but is dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. (See “Don’t Be Bamboozled by Rogue Security Software.”)
  • Social networking third-party applications will be the target of fraud – With the popularity of social networking sites poised for another year of unprecedented growth, expect fraud aimed at site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.
  • Fast flux botnets will increase – Fast flux is a technique used by some botnets to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command and control, Web-based load balancing, and proxy redirection, fast flux makes it difficult to trace the botnets’ original geo-location. As industry counter-measures continue to reduce the effectiveness of traditional botnets, expect to see more botnets using this technique to carry out attacks.
  • Windows 7 will come into the cross-hairs of attackers – Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist. Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users. 
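Defenders usually see the fast flux bullet's "ever-changing network of compromised hosts" in DNS: a domain's A records rotate quickly across unrelated networks. The sketch below is an added example, not part of the original post; the observation records, the thresholds, and the /24 stand-in for an IP-to-ASN lookup are all assumptions.

```python
from collections import defaultdict

# Constructed passive-DNS rows (unix_time, domain, A record, TTL); RFC 5737 addresses only.
OBSERVATIONS = [
    (0,    "shop.example",  "192.0.2.10",    3600),
    (1800, "shop.example",  "192.0.2.10",    3600),
    (3600, "shop.example",  "192.0.2.11",    3600),
    (0,    "login.example", "198.51.100.7",  120),
    (300,  "login.example", "203.0.113.54",  120),
    (600,  "login.example", "192.0.2.201",   120),
    (900,  "login.example", "198.51.100.93", 120),
    (1200, "login.example", "203.0.113.8",   120),
]

# Assumed thresholds for illustration; tune against your own resolver logs.
MAX_TTL = 300         # flux domains need short TTLs so clients re-resolve often
MIN_DISTINCT_IPS = 5  # many different front-end proxies inside the window
MIN_NETWORKS = 3      # proxies scattered across unrelated networks

def network_of(ip):
    """Approximate the hosting network by /24; a real deployment would map IP to ASN."""
    return ip.rsplit(".", 1)[0]

def flux_features(observations, window=3600):
    """Per-domain features over answers seen within `window` seconds of the first one."""
    by_domain = defaultdict(list)
    for ts, domain, ip, ttl in sorted(observations):
        by_domain[domain].append((ts, ip, ttl))
    features = {}
    for domain, rows in by_domain.items():
        start = rows[0][0]
        in_win = [r for r in rows if r[0] - start <= window]
        ips = {ip for _, ip, _ in in_win}
        features[domain] = {
            "distinct_ips": len(ips),
            "networks": len({network_of(ip) for ip in ips}),
            "max_ttl": max(ttl for _, _, ttl in in_win),
        }
    return features

def suspected_fast_flux(observations):
    """Return domains whose answers rotate quickly across many networks."""
    return sorted(d for d, f in flux_features(observations).items()
                  if f["max_ttl"] <= MAX_TTL
                  and f["distinct_ips"] >= MIN_DISTINCT_IPS
                  and f["networks"] >= MIN_NETWORKS)

if __name__ == "__main__":
    print(suspected_fast_flux(OBSERVATIONS))
```

Content delivery networks and round-robin DNS also produce short TTLs and many addresses, so treat a hit as a lead for review (for example against an allowlist of known CDN networks) rather than a verdict.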

You can listen to Symantec experts talking about the 2009 threat landscape and offering predictions for 2010 here. More information about these security trends can be found here.

Comments (6)

Naor Penso

Social engineering is a hacking method which requires a target, studying and preparation.
I don't think it is likely that this method would be dominating 2010; it involves too much work, and the people using this method should be intermediate hackers/scammers, which is not the majority of black hats on the net.
It is more likely that we will see new kinds of worms and viruses that will go wild and infect as many computers as they can,
because as of today, spam is still the best business around.

Kind Regards,
Naor Penso

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.
Thanks :)

+1
kurtsecure

 With all the hype about "smart grid" and other technologies, I have to wonder how long it will be until the hackers start going after our critical infrastructure in a big way.  Any thoughts?

+1
cjbushman

In the past year or so we have seen a dramatic shift in the way breaches occur.  Primarily, breaches are coming from organized crime who have dedicated teams to each stage of attack, infiltration, discovery, capture and exfiltration.  We also see these organized attacks occurring more frequently in public utilities and other critical infrastructure industries.  In a recent article from Network World, they discuss this very topic.  Check out the story at http://www.networkworld.com/news/2010/012710-ddos-oil-gas.html in which energy industries are particularly seeing a spike in hacks.  They state, "The CSIS survey also found distributed DoS attacks were "particularly severe" in the energy/power and water/sewage sectors, where attacks were usually aimed at computer-based operational control systems, like SCADA."   eWeek last year discussed the issue of energy sector attacks from foreign entities in an article here: http://www.eweek.com/c/a/Security/Electric-Power-Grid-Hack-LightsUp-Cyber-Security-Infrastructure-Experts-389549/

Regardless of the industry, companies everywhere need to properly protect their infrastructures.  Every CISO's nightmare is becoming tomorrow's headlines.

+1
Chinchilla

I keep hearing about reputation based technologies but I'm not so certain this greatly differs from Signature based methods. In the end you're still playing catch-up by being forced to monitor and catalogue processes and files in order to come up with rulesets that can catch malware.

+3
sbertram

Wonder where identity theft fell on the list?

+3
vivek123

No matter how many safety precautions we take, there will always be flaws. Because, like this article says about Windows Seven, we are humans; no matter how well we try to rectify it, there will be loopholes in our creation. There will always be someone better out there who can find the flaws in our programming. The only solution we have is to hope that they don't find cracks in our protection easily. Up till now Symantec has been successful in achieving that.

Vivek  

+1