But companies might well be running to stand still: again according to PriceWaterhouse Coopers, 40 per cent of chief information officers (CIOs) believe the threats to their companies’ information increased in 2009.
Few security experts expect to 2010 to bring much respite, with cyber criminals developing new attacks and techniques, and businesses depending more than ever on the internet for communication and trade.
Here, IT PRO brings together some of the industry’s security predictions for the coming year.
As companies make more use of cloud computing to reduce their costs and improve flexibility, so the cloud is more likely to suffer from cyber crime. As more corporate data moves to the cloud, the cloud providers will become an attractive target, according to security firm M86.
And increasing reliance on third parties to host data and applications will make it more difficult for IT managers to control their information security perimeters.
Dark Traffic – And Bigger Botnets
More than 90 per cent of email traffic – 90.4 per cent, to be precise, according to Symantec – is now spam. The basic laws of mathematics mean that spam cannot grow much more, in percentage terms, but anti-malware firms expect the absolute volume of “dark traffic” to continue to grow.
One reason is that botnets are becoming ever more sophisticated and harder to detect. Another is that, for some reason, people buy stuff from spam emails. Amazingly 12 per cent of consumers have responded to spam, according to the US-based Messaging Anti-Abuse Working Group (MAAWG).
And, as Symantec cautions, more than two per cent of spam messages actually contain malware attachments.
Consumers’ interest in social networks is set to grow further in 2010, and so will cyber attacks directed either through social networks, or at them.
In addition to account takeover, and individuals using social network sites to introduce spam links or malware, several security firms expect 2010 to see attacks directed at social networks and their users through third-party applications, and the networks’ APIs.
Industrialisation of Hacking
According to IT security firm Imperva, cybercrime is increasingly organised along industrial lines. The company says that hacking groups now operate clearly defined supply chains. These groups are often organised in ways that are very similar to drugs cartels, and are making more and more use of automated tools to speed up their hacking attacks.
Data breaches will continue to be a headache for businesses, government departments and regulators. The Identity Theft Resource Centre reported 403 data breaches in the first nine months of 2009, exposing 220 million records.
Most data breaches in 2009 were unintentional or accidental. But the expectation is that the percentage of malicious breaches will grow steadily in 2010, both through hacking and cyber crime, and malicious data theft by ex-employees.
Applications that demand money with menaces were around in 2009, and are set to be more common still in 2010. Rogue anti-malware software takes control of users’ computers and effectively asks for a ransom to regain control of the machine.
Other scareware companies con users into downloading “anti-virus” software that detects spurious infections, and asks the user for cash to remove it. In another twist to the scareware scam, Symantec reports that rogue companies are selling rebranded copies of free antivirus software under their own names.
Large-scale malware attacks were the thing of the noughties. From 2010 onwards, the IT security industry expects to see a shift to smaller, more localised attacks.
These might be limited to a country, a city, an individual company, or even a high-profile individual. We have already seen hackers compromise the accounts of prominent social network users. Malware writers are turning to “spear phishing” attacks to target the rich, or the influential.
At the other end of the spectrum, security experts predict more attacks focused around large-scale international events, with the Winter Olympics and FIFA World Cup expected to bring large spikes in malware traffic.
Attacks on Virtualized Environments
Virtualisation was one of the key technology topics of 2009. In 2010, hackers will turn their attention to virtualised IT environments, according to the IEEE. Attacks on virtual environments have also been highlighted by Trend Micro as a risk for 2010, as it allows hackers to develop new attack vectors.
One risk is the use of virtualisation to support shared infrastructures; the other is gaps in security created by the interface between virtual machines, hypervisors, and the physical hardware.
There is no denying that Microsoft has made great strides in security in the last few years. However, as Windows 7 grows in market share, hackers will turn its attention to that operating system, rather than older versions such as Windows XP. And, as Trend Micro cautions, the default configuration of Windows 7 is less secure than the default set up for Vista.
Serious malware threats to mobile phones, and especially smart phones, are certainly possible. This year has seen attacks on iPhone users in Australia, and attacks on BlackBerry devices carried through PDF files.
As yet, there has not been a large-scale attack on a single mobile platform or operator, perhaps because of the diverse range of the mobile handsets on the market, and perhaps because as yet, mobiles carry only small amounts of critical data.