Economic Crisis: The global economic crisis will be the basis of many new attacks. This will include phishing attacks (e.g. whose fictitious premise might surround the closing of a given bank). Similarly, attacks may also exploit other types of fraudulent activity such as around economic issues including e-mails that promise the ability to easily get a mortgage or refinance. Expect to see an increase in scams that prey on people who have had homes foreclosed, an increase in work from home scams targeting the unemployed, and an increase in spam that mimics job sites.
Social Networks: In 2008, we’ve noticed an uptick in activity in threats related to social networking sites. These threats have involved phishing for username accounts or using social context as a way to increase the “success rate” of an online threat. Spammers in select EMEA regions have been heavily promoting social networking sites – one instance reached more than 2 million Symantec customers. These threats will become increasingly important for enterprise IT organizations since the new entering workforce often accesses these tools using corporate resources.
Spam Levels Will Rise: Symantec saw a 65 percent drop in spam between the 24 hours prior to the McColo shutdown and 24 hours after. We expect to see spam levels rise back to approximately 75 to 80 percent. Command-and-control systems will be re-established and more importantly, this event may drive spammers toward the continued use of peer-to-peer botnets, which are generally more resilient. In this turbulent economic climate there may be other hosting companies around the world who might be willing to facilitate this sort of spam activity.
Virtual Machine Security: Virtualization technology will be incorporated into security solutions to provide an environment isolated and protected from the chaos of a general purpose operating system environment. This technology will provide a safe environment for sensitive transactions such as banking and protect critical infrastructure such as the security components that protect the general purpose operating environment.
Explosion of Malware Variants: Recent attacks include new strains of malware that consist of millions of distinct threats that propagate as a single, core piece of malware. This creates an unlimited number of unique malware instances. There are now more malicious programs created than legitimate programs.
Advanced Web Threats: As the number of available Web services increases and as browsers continue to converge on a uniform interpretation standard for scripting languages, Symantec expects the number of new Web-based threats to continue to increase.
source: http://www.symantec.com
