Internet Security Threats for 2010

by Sharon Lobo    Dec 09, 2009

Year on year the growth of various online threats, including spam, phishing, botnet activity, and malware has been on the rise. The reason — cyber criminals are succeeding on such a scale and making so much money, that each year they are able to invest in better and more automated ways to run their rapidly expanding and increasingly sophisticated operations. So while this year saw a large number of online attacks, the threat environment in 2010 will remain the same, except that it will have more of everything and be even more transient, agile and organised!

AVG predicts the following Internet Security Threats for 2010

  • More diverse, automatically generated malware: Today malicious code is written with more variants. Cyber criminals can now automatically create hundreds of thousands of unique pieces of malware a day, much of which has no unique signature and can bypass old-fashioned signature-based virus detection software. This makes it increasingly important for people to have more than just anti-virus protection on their computer.

  • Cyber criminals still want your money, identity and/or resources: For many years now most malicious code and web sites have been directly or indirectly about stealing your money, identity, computer resources or some combination of these. They manage to do this in two ways
    1. Trick you to hand over money to them via social engineering and phishing scams. People still believe they can help that relative of a despot in Nigeria who needs their help to access millions of dollars. They believe they have won a lottery they never entered. Or they believe that there really is a long lost, hugely wealthy, dead relative they have never heard of and that the kind and diligent lawyer will help them to get access to the estate.
    2. Trick you into
      providing, or steal off of your computer, enough of your personal
      details so as to build up a dossier of information about you that is
      sufficient to trick someone else into providing them with money, goods
      or services. Expect to see even more legitimate-looking and
      personalised phishing attacks impersonating your bank or other
      businesses you have accounts with.

      Once the cyber criminals have your
      details they buy online using your credit card details and trick the
      merchant into providing them with goods or services. They steal online
      gaming usernames and passwords to gain access to your winnings in your
      favourite game world.

  • Make your computer into a part of their botnet: Then they can use your computer resources and Internet bandwidth to send out spam, host poisoned web pages, host downloads of illegal software, movies, music, etc.

  • Cyber criminals in the cloud: To keep ahead of the computer security industry’s efforts to thwart their activities, the cyber criminals have become quite agile. They are using in the cloud technologies in far more sophisticated and effective ways than most legitimate businesses. It was recently discovered that Google’s AppEngine had been tapped to act as the master control channel to feed commands to large networks of infected computers in a botnet. (Google shut down the rogue app shortly after being notified of it.) We can expect more of sort of activity in 2010.

  • Highly transient web threats: In 2010 we will see the cyber criminals continue to improve the speed with which they are able to move their campaigns from domain to domain, server to server. In recent times we have been increasingly seeing the cyber criminals set up hundreds of thousands of new web sites and pages per day, well in advance of using them for nasty purposes. This enables them over a period of a week or so to gain a good rating in the reputation-based security networks being used by some security vendors.

    Then the cyber criminals change their innocent web pages and go live with their malicious payloads on those same web pages. In early 2009, AVG researchers reported that 60 percent of these poisoned web threats were active for less than a day and 75 percent for less than 30 days. By the time the reputation-based networks and blacklists are flagging these poisonous web sites and pages as bad, the cyber criminals have shut them down and moved them on to another domain or server.

  • Exploitation of major events, news and gossip: Some cyber criminals have also recently enjoyed success in manipulating the popular online search services. They are clearly now investing more effort in such activities so they can, almost at the drop of a hat get search results at or near the top of the first page of results. Should a celebrity die, an election be fought, some video clip go viral, the cyber criminals quickly exploit the blossoming interest in that topic. The cyber criminals hijack search results into clicks on links to their malicious web pages. Expect to see more highly targeted, convincing attacks with custom malware in 2010.

  • "Web two-point-uh-oh": With the rise of Web 2.0, attacks that impersonate social networking sites or spoof contacts from your friends list are more likely to be clicked on. The Koobface worm has been rattling around Facebook and a worrying number of its users for a while now. Along the way support has been added for MySpace, several other social networking sites and more recently Twitter and LinkedIn. Attacks that impersonate social networking sites or spoof contacts from your friends list are more likely to be clicked on. So the cyber criminals exploit this trust. This approach seems to have a good return on investment for the financially motivated crooks behind it, and it s likely we’ll see a great deal more of this kind of thing in 2010.

  • Emerging nations go online with poor security: The number of computers and number of people connected to the Internet is still growing fast. More and more people in places like China, India, Brazil etc. are going online with improved connection speeds. Unfortunately many of them are using pirated software that can not be kept up to date with security patches. This makes it easy for the cyber criminals to target those computers, get control of them and start using them as resources to power their criminal activities. We expect to see a big increase in threats being delivered via emerging countries in 2010.

  • Global economic crisis impacts security: Although the effects of the current economic downturn are quite unequally distributed, employment in the USA and some parts of Europe and Asia has taken a particularly hard hit. This can have a flow on effect.

All these online threats expected in 2010 are likely to be nastier than ever, more targeted and more frequent. With malware and cybercrime now being almost exclusively driven by organised crime running on a business model, changes are largely driven by criminal cost/benefit analysis of opportunities and risks. However the good news is that people do not need to worry if they understand the nature and purpose of the threats, can see through the scams and the "too good to be true" offers, have good Internet security protection on their computers and keep all of their software up-to-date.