Top Ten 2007 Security Problems: Predictions: Page 2

6) Identity theft and data loss will continue to be a public issue – at the root of these crimes is often computer theft, loss of back-ups and compromised information systems.

The problem with ID theft is that it can take so many forms. “It’s not just the ‘steal a database’ thing, it’s not just the exposure of confidential information through a poorly configured web site, it’s not just a phishing site – all of those are different forms of ID theft,” he says.

Moreover, stolen ID is often warehoused and sold at a later date, so users may never know when their stolen data will be used.

To monitor trends in ID theft, Marcus points to the consumer protection organization Privacy Rights, whose site tracks the level of ID theft on a daily basis.

7) The use of bots, computer programs that perform automated tasks, will increase as a tool favored by hackers.

“Bots have been the bane of malware protection for years now,” Marcus says. “What we’ve seen lately is some shifts in the way that botmasters have been communicating with their bots.” Specifically, bot writers have grown wise to the fact that businesses are allowing IM and P2P on their networks. So more bots are now enabled to communicate via IM and P2P.

“They’ve figured out, ‘Hey, this company is letting in IM through their firewall – they’re not filtering it, why don’t I have my bot communicate,” in this way? This new breech of defense by bots is in addition to the success that bots already enjoy via IRC, without being filtered or stopped.

8) Parasitic malware, or viruses that modify existing files on a disk, will make a comeback.

The vast majority of malware in the wild is “static,” says Marcus, meaning it’s non-replicating and doesn’t seek to change or alter files on infected machines.

“But we’ve seen a recent rebirth of parasitic malware,” he says. The techniques that hackers use tend to cycle, and for whatever dark and insidious reason, parasitic malware is back in vogue.

9) The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well.

“We compared the first two months of 2006 to the first two months of 2005, and we saw an increase in rootkit-enabled malware by about 400%,” Marcus says. “We see more and more malware that has stealth capabilities.”

But at the same time, protection efforts against stealth and root malware have been stepped up, he says.

“By using more and more stealth in their malware, it shows that [hackers] are really trying to do as much as they can to make their malware live longer, to not bring attention to themselves.”

10) Vulnerabilities will continue to cause concern, fueled by the underground market for vulnerabilities.

There is a highly advanced market among hackers who buy and sell security vulnerabilities among themselves. This is nothing new, Marcus says, yet it’s received much more press attention recently.

Helping to fuel the discovery and sale of vulnerabilities are the “bounty programs” – legitimate, sponsored programs – that encourage people to find holes in applications.

“Couple that [the bounty programs] with the fact that there are a lot more tools for automatically finding vulnerabilities, and you just end up having a huge number of vulnerabilities.”