November 21, 2007
Symantec takes stock of top 2007, '08 threats
With the Thanksgiving holiday (thankfully) bearing down on us, we've reached that time of the year when experts and prognosticators of all different sorts begin to fill our in-boxes with their reflections on the best and worst of the last twelve months, along with what they expect to emerge as the most important trends of 2008.
And as the throngs of poor souls hurrying past my office window here in Boston in vain hopes of avoiding the impending rush hour travel meltdown thicken (even before eating dinner tomorrow) it would seem that the holiday season is now officially upon us, and thus, it's only fitting to begin the annual cycle of post-mortems and predictions.
For its part, Symantec has had an interesting year, further wrapping its arms around the evolving shift in IT security away from defending devices and networks into more proactively protecting valued information -- and making interesting acquisitions such as its recently-announced buyout of Vontu, a so-called data leakage protection (DLP) tools provider whose products aim to help address that very transition.
Experts from the little yellow box company recently passed along their top security trends for 2007 and issues to watch for 2008. Those lists follow, along with some related observations offered to Zero Day by Kevin Haley, director of product management for Symantec's Security Response team.
Symantec's Top 10 Internet Security Trends of 2007 were:
1. High profile data breaches.
Haley: This trend has forced companies to focus more on securing the entire supply chain and making sure that their business partners are doing as good a job of protecting their information as they have promised to.
2. Vista introduction.
Haley: While a lot of work clearly went into improving the overall security of Microsoft's flagship Windows OS, hackers proved quickly that there are still plenty of opportunities to carry out attacks.
3. Spam.
Haley: Spammers continued to use new technological tricks like image spam, and mainstream events such as the 2008 election to find their way into in-boxes and trick people into opening their messages. The spambot effect has not helped, at all.
4. Professional attack kits.
Haley: The increasing professionalism among malware authors has led to threat kits that make it easier than ever for aspiring attackers to build their wares. Full time product support and frequent updates are hallmarks of the underground trade.
5. Phishing.
Haley: Advanced phishers have also begun selling their ideas for others to carry out via tool kits. Combined with tons of botnet-driven spam and increased targeting of attack recipients, things have not improved much in this segment.
6. Exploitation of trusted brands.
Haley: Using social networking sites and legitimate Web pages to deliver their attacks, the bad guys are exploiting users within the confines of sites that they know, use and trust (for now).
7. Botnets.
Haley: The people at the top of the trade are getting terribly smart and harder to catch. Everyone else is keeping security folks busy enough fighting off their continued attacks. P2P command centers are being used, the networks are being constantly moved around, and there's no end in sight for the botnet problem in general.
8. ActiveX vulnerabilities.
Haley: Professionals continue to find new ways to carry out these time-honored attacks, and even though IE7 has been hardened, there's still plenty of room for new malware variants that target ActiveX.
9. Vulnerabilities for sale.
Haley: Even with the recent arrest of a co-founder of the controversial WabiSabiLabi -- an eBay-like market on which members can buy and sell vulnerabilities -- don’t expect this idea to go away anytime soon.
10. Virtualization.
Haley: While there are likely security benefits to be had from the adoption of virtualization, we don’t yet understand all the problems that the approach could create.
As for its predictions for 2008, Symantec contends that the leading issues will be:
1. Even stronger and more complex botnets
2. Malware threats that take advantage of Web 2.0 technologies such as AJAX
3. Larger numbers of attacks aimed at mobile devices
4. Continued evolution of spam
5. More focus by the bad guys on assailing virtualized machines
6. Attacks crafted to prey upon interest in the 2008 presidential election
"The biggest issue in the industry is this continued evolution toward professionalism by those people behind the attacks, as long as they can make money using some form of malware, botnet spam or phishing, they're going to look for new ways to carry on with that activity," Haley said. "You have this whole supply chain in place now that includes the people finding the vulnerabilities, building the exploits, selling stolen information and turning that data into money; overall it's not a very encouraging outlook."
Posted by Matt Hines on November 21, 2007 12:58 PM