Of all the potential security evolutions expected to manifest themselves during 2010, smarter social engineering will remain the leading issue, researchers report.
As security defense mechanisms continue to get stouter and trends like mobile malware and attacks on Apple Mac technologies will continue to play out on a smaller scale, the efforts of scammers and cyber-criminals to cash in on end users’ mistakes will still be the most important trend to follow over the next year, experts with PandaLabs contend.
Overall, PandaLabs said that it expects the sheer volume of malware threats to jump exponentially as it did again during 2009 – the biggest year yet for such attacks and one that follows in the pattern of annual record malware proliferation which has played out over roughly the last decade.
And attackers will continue to ratchet up the social engineering aspects of their efforts to help keep their criminal enterprises going strong, the researchers said. Rogue AV, arguably the most pervasive malware delivery technique exercised during 2009, is also expected to again lead the way.
“As anti-malware technologies are able to respond closer to real-time through cloud-based innovations, malware creators will respond by generating even more diverse threats to evade detection and elimination,” PandaLabs experts said in a blog post. “Once again malware will be designed almost exclusively for financial gain, and we can expect to see many new fake antivirus strains (rogueware), bots and banker Trojans.”
Among the most popular angles that PandaLabs expects attackers to employ during 2010 will be efforts to taint popular search engine results with malware-infected web sites, or the use of so-called “black hat SEO.” Tactics aimed at targeting users of social networks will also remain in heavy rotation.
Events that will likely draw significant interest from threatsters will include the World Cup of soccer, which will be held in South Africa, researchers predict.
In terms of specific technologies to be wary of, Windows 7 will see a good deal of development related to new attacks, as scammers seek to keep pace with the tools most commonly found on end users’ machines.
While threats targeting mobile devices and Apple Mac computing platforms will also attract significant interest from criminals, attention given to the latest Microsoft OS will likely still outpace those other potential targets, PandaLabs estimates.
Other noticeable trends will include greater interest and awareness in ongoing “cyber-war” activities going on in the international domain, and increased use of cloud based defenses to help organizations share intelligence and stay ahead of attacks, according to the researchers.
So, all in all look for more of what we saw in 2009, just on a wider scale in 2010.
Nothing ever changes around here.
Follow eWeek Security Watch on Twitter at: eWeekSecWatch.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.