I was recently asked to share some predictions about what 2010 will bring in the security space. I asked some colleagues from ESET Research to share their thoughts as well -Randy
Randy Abrams
Director of Technical Education
Social Engineering attacks will continue to grow in prevalence. As operating systems and eventually applications become more secure, the easiest way to steal money from people or install malicious software will be to trick them. Part of this will be driven by adoption of Windows 7. Computers sold with Windows XP, with a few exceptions, such as newer netbooks, are beginning to age and will be replaced with PCs that have Windows 7. The increased security in Windows 7 means that tricking the user is far more viable than exploiting the OS for most criminals.
Third party applications will bear the brunt of vulnerability attacks. Security improvements in operating systems will continue to drive vulnerability research to applications like Safari, iTunes, Adobe Flash, Adobe Reader, many IM clients and other applications. Unfortunately, users are far less savvy about patching 3rd party applications than they are about patching the operating system
While the number of attacks against “jailbroken” iPhones is likely to increase, the number of infected or affected devices will likely decrease. The reason for a decrease is that in many cases the affected user incurs data charges and so they are motivated to do things like changing default passwords. Those who have flat rate data plans will be far more likely to continue to neglect security.
ISPs will increasingly implement technologies to identify users who are infected and take measures to block access to the internet until the user’s machines are cleaned up. It will probably be a few years before these ISPs are the norm, rather than the exception, but still the prevalence of such practices will increase.
Data breaches/losses will grow in scope as people put their data in the cloud. Cloud systems security is still fairly young. The aggregation of data will make many Cloud service providers attractive targets. We’ve already seen this as web hosting providers and credit card processing businesses have been targeted.
Pierre-Marc Bureau
Sr. Malware Researcher
Aryeh Goretsky
Distinguished Researcher
Increased targeting of social networks, such as Facebook, LinkedIn, Twitter in the US, Orkut and Hi5 in South America, from both a social engineering standpoint and looking for cross-site scripting and wormable attacks on the web sites as well as their APIs.
Continued research into weaknesses in virtualization will lead to new attacks, but will remain largely impractical, e.g., attacker needs direct access to a server's hardware in order to perform the action.
Online games will continue to be targeted, as virtual assets such as an-game currencies or scare resources can be re-sold for real money, especially in Asia.
Increased research into attacks on gaming consoles, but with limited results due to the closed-wall nature of their Internet service.
Increased research into attacks on wireless networking (802.11n Wi-Fi, WiMAX, cellular broadband data connections) and SSL interception will make it more risky to conduct online shopping and banking over wireless connections (MITM attacks for credentials theft, etc.).
Patch management will continue to challenge IT departments. Slight decrease in AUTORUN.INF-borne malware due to deployment of Windows 7.
David Harley
Director of Malware Intelligence
