1. Every security blogger in the world will mark the transition from 2009 to 2010 with at least one top ten something-or-other article. Except me, of course.
2. There will be headlines about the death of anti-virus, and a famous security guru will state that anti-malware only catches malware that's already been identified and analysed, that he's never used AV and that he's never had an infected system. His blog on the topic will be interspersed randomly with the word "wazzu".
3. A huge, incredibly dangerous botnet will be exclusively announced by at least a dozen security companies over a period of three days in words along the lines of "X Security Software has discovered…" All blogs on the topic will attract comments like "I don't care about this because I use OS X/Linux/AmigaDOS/CPM+…"
4. Claims will be made that a particularly media-friendly malicious program is more dangerous than the 2004 tsunami, and Rob Rosenberger will tell us that it's the AV companies' fault. The hype, not the tsunami. Well, actually….
5. ….someone, somewhere will come up with the suggestion that anti-malware researchers write all the viruses. However, The Onion will announce that we're all now working on ways of creating and detecting earthquakes.
6. More Mac malware will be seen. The Mac community will rise up as one and say "There are no Mac viruses, and Trojans don't matter." Apple will announce that the presence of malware on any Mac device is culpable negligence on the part of the user and therefore in breach of their licence agreement.
7. Someone will claim that all current anti-malware technology infringes their patent on signature detection. ESET will launch its new patent infringement detection system.
8. A trivial malicious program will attract enormous media attention for some peripheral reason, probably because it's somehow associated with a recently deceased celebrity. The anti-malware research community will rise as one and say "the sky is not falling". All blogs on the topic will attract comments like "I don't care about this because I use OS X/Linux/AmigaDOS/CPM+…" When the sky doesn't fall, the media will dismiss it as anti-malware researcher hype.
9. More testers will claim that their testing is dynamic and/or AMTSO-compliant, and everyone will believe them because they say so. At least one aspirant tester will charge vendors for not testing their products.
10, The Conficker botnet will DDoS the whole of Europe. No-one will notice because every security blogger in the known universe will be busy putting up warnings about the social engineering malware attacks we expect to see using Shrove Tuesday as a hook.
10a. I will consider blogging about the top ten blogs of top ten somethings-or-other, but will decide against it because I can't imagine anyone coming near Graham Cluley's sheer chutzpah in publishing a top ten list of his own blogs.
10b. This blog post will attract three comments that "You can't count: that's a top twelve"; two defending Graham Cluley's karaoke performances (both from an IP address in Abingdon); and one saying "I don't care about this because I use OS X/Linux/AmigaDOS/CPM+…"
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch (or @ESETblog)
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/
Author David Harley, ESET