Security experts McAfee confirm what we already know: when the economy starts to hurt, the purveyors of malware jump in to increase the pain. With the revelation of it's 2009 threat predictions, McAfee looks ahead to a dismal year of continuing cyberthreats.
Like I say, with no hint of surprise at all, the top trend to emerge is the exploitation of economic suffering, adding to the financial woes we face. People are being hit with fake financial transactions services, fake investment firms, and fake legal services. “Computer users face a dangerous one-two punch today” says Jeff Green, senior vice president of McAfee Avert Labs, adding “The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike.”
So what else does McAfee see while rubbing it's crystal security balls?
Well, there is the concept of criminals transitioning to the Internet cloud as the main delivery vehicle, slowly displacing the more traditional vectors of malware distribution. And then there are those threats that take evasive action against security measures such as single-use binary files. Think of these as being the criminal equivalent of a single-use credit card number for online usage. These binaries create a swathe of threats, making it harder for victims to describe their assailants, and harder for defenders to catch them. McAfee predicts malware in languages other than English will grow, because by diversifying into a global market the criminals can access larger pools of valuable identity and confidential information. Well, meh!
USB sticks and flash-memory devices, especially as used in cameras, picture frames, and other consumer electronics, will get a grasp in the security attack market. Mainly courtesy of the almost unregulated use of flash storage across enterprise environments. Oh, and the malware underground will continue to use mainstream practices to sell scareware as this is still a highly lucrative source of income.
About the only upbeat prediction here is that, possibly as a result of the McColo spam takedown last year, passive anti-spam law enforcement will morph into a more proactive one. To be honest, I will believe that when I see it.