Top Security Threats Predicted for 2007

Malware threats to watch include increase in password-stealing web sites, more spam, and likelihood of hackers targeting video  

The anti-virus, computer security company McAfee has announced its top ten predictions for security threats in 2007. According to McAfee Avert Labs data, with more than 217,000 various types of known threats and thousands more as yet unidentified, the emerging trend is the release of threats by professional and organized criminals.

In no particular order, McAfee Avert Labs' listed the following security threats to watch out for in 2007:

1. The number of password-stealing Web sites will increase using fake sign-in pages for popular online services such as eBay.
2. The volume of spam, particularly bandwidth-eating image spam, will continue to increase.
3. The popularity of video sharing on the Web makes it inevitable that hackers will target MPEG files as a means to distribute malicious code.
4. Mobile phone attacks will become more prevalent as mobile devices become "smarter" and more connected.
5. Adware will go mainstream following the increase in commercial Potentially Unwanted Programs (PUPs).
6. Identity theft and data loss will continue to be a public issue - at the root of these crimes is often computer theft, loss of back-ups and compromised information systems.
7. The use of bots, computer programs that perform automated tasks, will increase as a tool favored by hackers.
8. Parasitic malware, or viruses that modify existing files on a disk, will make a comeback.
9. The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well.
10. Vulnerabilities will continue to cause concern fueled by the underground market for vulnerabilities.

McAfee Avert Labs recommends that both enterprises and consumers protect themselves by constantly stay updated with the latest Data Definition Files, install the latest patches and implement a multi-layered approach to detecting and blocking attacks. 

Analysis by the security organization the Burton Group points to a similarly gloomy horizon, predicting that enterprise security threats will turn more sinister.

"The enterprise security threat environment for 2006 and 2007 includes a marked increase in sinister security threats -- targeted, intentional criminal attacks originating from outside the enterprise, and collusion between criminals and inside contacts", according to Daniel Blum, senior vice president and research director at Burton Group.

Blum's research shows that with global deterrents from law enforcement being weak, criminals are organizing into an underground economy of specialists. Near-term results include increases in the volume and scale of criminal attacks on companies and consumers.

For another perspective, you might also like to read the SANS document, The Ten Most Important Security Trends of the Coming Year, one of an extensive library of resources available on their web site.