Fast-flux botnets, social networking attacks, mobile malware and more — Symantec looks back at 2010 security predictions and how reality is matching up
By Vincent Weafer, Symantec – August 23, 2010
As predictive analytics emerge as a sought-after business tool, Symantec continues to gather data that it uses to both analyze and predict trends in Internet security. Just like predictive analytics provides valuable information allowing businesses to make smart decisions, Symantec’s predictions are based on analysis and give businesses and individuals important information on the changing threat landscape that helps them make smart decisions. In order to offer the best information possible, Symantec reevaluates its yearly predictions halfway through the year. Here’s a look at each prediction for 2010 and an evaluation of where it stands at the midyear mark.
What We Said: Antivirus Won’t Cut It
The multiplication of both malicious code and of polymorphic threats was so great in 2009 that the amount of malicious software actually surpassed the amount of good software. While users should still maintain antivirus protection, they are going to need something more to be secure. Other approaches, such as Reputation-Based Security, will emerge as key alternatives to the footrace of writing signature codes for malware.
Where it Stands
The increase of malicious code has not let up since making that prediction. While Symantec created 2,895,802 new malicious code signatures in 2009 (71 percent more than 2008), it has already created 1.8 million new malicious code signatures in the first half of 2010. It has also identified 124 million distinct new malicious programs.
The number of sources for new malicious code is huge and keeps growing. The security industry is simply not going to be able to keep up with the speedy spawning of malware. That doesn’t, however, mean cybercriminals have won. Reputation-Based security is catching on as a smart, innovative solution that promises security to those who are interested. Heuristic, behavioral and intrusion prevention technologies are also means of future protection as malware continues to spread.
What We Said: Rogue Security Software Vendors Step it Up
Sellers of rogue security software have not yet reached their peak. They will become more active and more innovative. They have already begun to sell rebranded copies of free third-party AV software and will likely begin to use tactics such as rendering computers useless and holding them for ransom until they are paid.
Where it Stands
While cases of vendors holding computers for ransom have not yet been observed, Symantec has certainly seen more activity and more innovation from rogue security software sellers. One example of this is the practice of cold calling where sellers insist a person’s computer is infected and offer “solutions” either by having them download something or by convincing the user to let them access the computer remotely. In such cases sellers may be from actual companies who make a business out of such scams, as was one company Symantec investigated called Online PC Doctors.
What We Said: Social Networking Third-Party Applications Will Be Fraud Targets
Social networking sites have been awakened (rudely, in some instances) to the reality that their popularity makes them a target for fraud and other cybercrimes. Symantec predicted that many of them would react well and continue to take steps to secure their sites. Sadly, cybercriminals are not so easily deterred. They will turn to vulnerabilities in third-party applications to weasel their way in and wreak havoc.
Where it Stands
This trend is still developing, but it is developing in the predicted direction. Fortunately, social networking sites have reacted well and decreased the amount of malware breaking through their sites. Unfortunately, malicious efforts are increasing in the world of third-party applications. One app, for example, turned out to be part of an IQ testing scam that covertly signed up users for premium mobile service that cost $10 per month.
Social networking sites may already have begun working against this trend. Facebook recently updated their application authorization system in an effort to reduce the number of scams and misleading applications making their way into the site. Users are now informed when an application seeks to access their information or post on their wall.
For more, visit CSO Online