Saying Goodbye to Summer's Security
As anyone who was watching likely noticed, I've been on vacation from just about everything, including this blog, for the better part of the last two weeks.
After a massive push here at my day job at Core Security around Black Hat -- where we relaunched the entire company and its products -- it was a much-needed reprieve from the world of IT security and vulnerability research to flee into the mountains of Vermont for some low-tech R&R.
And, hopefully, as we prepare for the Labor Day weekend here in the States, many of you are enjoying a similar break from the laborious stuff.
However, rest while you can, because all indications are that the fourth quarter of 2008 could end up being a seminal period for cyber-attacks of every kind.
Because between recent trends observed in the hacking and malware space and the confluence of a number of significant sociopolitical events worldwide, it would seem likely that the stage has been set for attackers to ramp up their efforts in new, interesting and substantial ways over the next several months.
Some points to consider to this end:
-ScanSafe reported Aug. 28 that it blocked more malware in July 2008 than it did during the entire calendar year of 2007, and 2007 produced the most malware samples the company has ever seen in a 12-month period ... by a long shot. July followed a 278 percent increase in new attacks blocked by the company during the fist six months of 2008 compared with the year before. So, the train keeps a-rolling in general.
-Malware attacks typically leap during the fall months. No one has ever figured out why exactly this happens, but the long-held theory has been that with the return to school upon us student hackers rejoin the ranks and inflate overall volumes. I personally think that a bigger part of it is that Eastern European cyber-criminals return from their months sunning on the Black Sea hungry to restock their bank accounts, and it probably won't help that the Olympics are over in China either, but this has been the trend either way.
-The presidential race is likely to produce scores of socially driven attacks as hackers say "Yes we can" to politically themed phishing and malware injection schemes, as they already have proven willing to do. John McCain has said publicly that he doesn't use the Internet, while Obama carries a BlackBerry. I wonder who is more insecure here, and who needs to be.
-The continued discord in former Soviet states such as Georgia is generating other socially motivated attacks, as we saw in the last several weeks. Much like the Estonian ISP takedowns of 2007, it would seem likely that there will be more social cyber-warfare on display than ever before as this situation -- and the discord in the Middle East -- continues to play out.
-Q4 is when everyone is trying to make their end-of-year numbers, and you can bet that, just like their legitimate counterparts, malware gangs and hacking groups have their eyes on the prize in hopes of a big pre-Christmas and year-end payday. I'd bet the more organized groups have hard targets to hit to keep their bosses happy, and that those bosses might be even less understanding of failure than a board of aggressive VCs.
So there you have it. Enjoy the weekend, flip some burgers, catch the first football games of the year or MLB's pennant race, and have yourself a nice stiff drink of whatever it is you most enjoy.
The home stretch should be pretty interesting.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWEEK and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.