2009 Predictions - Bank on More Attacks
It's that most wonderful time of the year, when security researchers begin making their (typically dire) predictions for the calendar that lies immediately ahead of us.
And, like most other market-oriented prognostications being offered up these days, experts are projecting that the cyber-security landscape is largely expected to become only more discouraging in the coming twelve months.
However, 2008 will, imho, be regarded in some ways as a truly landmark year for security improvements.
From watching Brian Krebs and a gang of other like-minded researchers shut down McColo, to seeing Garth Bruen of KnujOn turn the heat up on ICANN (and force them to better police shady registrars), to last week's release of the CSIS recommendations to the 44th White House administration for improving our nation's electronic defenses... a handful of really positive things, pointing to some very beneficial trends, have indeed occurred this year.
But, before we allow ourselves to see the good in where we've been I suppose it's only prudent to consider the bad that is likely still yet to come, and thus we review the rather doomy and gloomy projections issued by hosted Web security provider ScanSafe earlier today.
The big picture, according to the firm, is that we'll see more of the same, in particular greater volumes of Web-borne malware, over the next year -- with much of the more finitely-targeted varieties expected to arrive, specifically campaigns aimed at companies handling real money, such as banks and credit card processors.
ScanSafe predicted that customized threats targeted at publicly-held companies will likely continue to rise in '09, though it said that many of those attacks will actually be aimed at stealing valuable intellectual property, versus personal data. A full range of threats including everything from rootkits to password stealers will be enlisted to that end, the researchers said.
Overall, users will likely be exposed to a rising rate of 6 percent more Web-based attacks per month across 2009, the experts said. That equates to a 16 percent increase in attacks over the course of the entire twelve months.
Web-based credit card schemes may in fact decrease in overall numbers in 2009, according to Scansafe, but the flip side of that trend is that more of the remaining attacks, in particular phishing threats, will be highly sophisticated in nature. Part of the shift is based on the fact that financial services companies are doing a better job of informing their customers how they use electronic means to communicate, and improving their own Web-based defenses.
However, as fraudulent credit card billing campaigns have decreased as a result of those efforts, attempts to directly access accounts may spike, the company said. In addition to a loss of customer confidence in online applications, another offshoot of the continued Web-based threat activity will likely be a downturn in online advertising revenues, as more and more consumers and organizations have installed pop-up blockers and the like, therein making it even harder for ads to reach their intended targets.
Yet, even ScanSafe researchers agreed that progress made in 2008 should equate to some improvements moving forward.
"2008 has proven that we are not taking enough action against online criminal activity, hence the huge surge in online attacks [but] I believe that 2009 will send a stern message to online criminals and we will see a push for tighter enforcement over domain registrations and hosting," said Mary Landesman, senior security researcher at ScanSafe. "Attackers often instigate these attacks for financial gain and given the current economy I suspect this motivation will only increase; in an 'always on' world and with increasingly sophisticated attacking techniques, it is only a matter of time before these criminals maximize attempts to directly access online banking accounts potentially leading to a loss in customer confidence."
Like the 2008 McColo takedown and the work to push ICANN to disable nefarious registrars, ScanSafe predicts that one of the positive trends of 2009 will be even greater work to pressure organizations like registrars and ISPs to prevent cyber-thieves from misusing their services.
"Domain registrars and hosting providers have played a pivotal role in the ongoing website compromises; a lack of controls or poor implementation of existing controls provides attackers with the ability to register and host malicious domains with ease," ScanSafe observed. "In some cases, hosting providers re-release suspended domains back to the attackers, thus exacerbating the problem by causing previously compromised sites which have not yet been cleaned to once again become active malware distributors. 2009 should witness a push for tighter controls over domain registrations and hosting."
So, I guess the major difference between 2008 and 2009 is that there is some expectation that things will improve in the world of online security; and actually, compared to the last few years, that'll be a pretty big deal... if it happens.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.