Symantec's top 10 threat predictions
At the beginning of the year, computer security firm Symantec took a punt on predicting some of the threats to appear in 2010.
They sent through an interesting release the other day outlining those predictions, and seeing whether they were on track.
Of course, a press release from an antivirus company is likely to encourage the buying of antivirus programs and one might also think that putting a bit of fear into potential customers could also not go astray.
Yeah, maybe I'm a cynic, but that's how marketing works, right?
So I narrowed their list down a bit to ten. There are some interesting bits and pieces in there which give a bit of insight into the current state of malware and virus threats.
Here are a few of their predictions and some of their commentary on whether or not they were right.
1. Antivirus software will not be enough.
They say this is true and that unique variants of malware are growing at such a rate that they eclipse the production of good software.
Symantec reckons they created 2,895,302 new malware signatures last year - a 71 per cent increase from the number they created in 2008. In the first half of 2010 they say they have already created 1.8 million new malware signatures.
You know what always annoyed me? The way that multiple anti-virus programs clash with each other - wouldn't having several running at once be best? Anyway...
2. Social engineering as a primary attack form.
Well, I think we can all see that this was a pretty safe bet. Facebook scam groups, dodgy iPhone and Android apps and "click here to see why this boy got expelled" schemes seem to be all over the place.
I would also add that event-based schemes seem to be on the rise. When the World Cup was on, I saw a marked rise in scams trying to prey upon people looking for stats, scores and merchandise. Pretty sneaky.
3. Rogue security software attacks will increase, including hi-jacking and ransom of computers.
So far, they admit, this one was off the ball. While rogue security software attacks are still common, we haven't seen a rise in people's computers being held to ransom just yet.
They also point out that some dodgy operators have been re-branding legitimate free anti-virus software and then selling it for profit - pretty cheeky.
Another thing on the rise is cold-calling to convince people their computer is infected with something - they then say they'll fix it for a price. Devious, malicious and really annoying when you are trying to eat your dinner.
4. Third-party social network apps will increase in fraudulence.
They were mostly spot-on with this pick. Facebook has recently upgraded their application authorisation system to help crack down on this trend.
With the huge rise in popularity for social networks, it's inevitable that scammers will turn to these channels to find new and plentiful targets.
Ever signed up for one of those IQ tests? Apparently one of them was tied to a scam which automatically signed you up to a premium mobile phone service which has a monthly fee.
I see new ones doing the rounds all the time on Facebook, but Twitter seems to not get them as much, from what I have seen.
5. Windows 7 will become a prime target for malware and security threats.
This pick, well... not so much. Symantec admits that only one major attack has been aimed at Windows 7 users so far this year - fewer than they expected. They also note that the fault affected all Windows systems - so it wasn't really a Windows 7 thing.
They describe this pick as "still possible" and say that, in psychological (and economic) terms, hackers and con artists prefer the "path of least resistance" - and it makes sense.
Why spend months trying to hack or exploit Windows 7 when you can set up a phishing scam on Facebook in a few days and have 500 million potential targets?
6. An increase in "fast flux botnets".
A "fast flux botnet" is one which hides compromised computers behind an ever-changing array of IP addresses, as opposed to the traditional botnets which have a single IP address.
Apparently the industry is catching on to the traditional versions, and finding ways to block them or even shut them down, so the fast flux method of hiding is gaining traction.
However, Symantec says this pick was also a little off. This goes in the "still possible" basket, as they haven't seen any new major threats arise.
That's not to say there aren't any botnets still out there - apparently the "Storm" type is still common, which uses computers infected with trojan viruses to send out spam.
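As an added example (not from Symantec or the original post), here is how the "ever-changing array of IP addresses" described above shows up in DNS logs: a domain that resolves to many addresses on unrelated networks with short TTLs. The observations, the `.example` domains and the three thresholds are constructed assumptions for illustration.

```python
# Added example: flag domains whose A records churn across many addresses.
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import median

# Constructed passive-DNS observations: (domain, resolved IPv4, TTL in seconds).
# Domains use the reserved .example TLD; all values are made up.
OBSERVATIONS = [
    ("shop.example", "192.0.2.10", 3600),
    ("shop.example", "192.0.2.10", 3600),
    ("shop.example", "192.0.2.11", 3600),
    ("flux.example", "198.51.100.7", 120),
    ("flux.example", "203.0.113.45", 60),
    ("flux.example", "192.0.2.200", 180),
    ("flux.example", "198.18.4.9", 90),
    ("flux.example", "100.64.12.3", 60),
    ("flux.example", "203.0.113.99", 120),
]

# Illustrative thresholds (assumptions; tune against your own baseline).
MIN_DISTINCT_IPS = 5
MIN_DISTINCT_NETS = 3
MAX_MEDIAN_TTL = 300

def profile(observations):
    """Summarise each domain: distinct IPs, distinct /24 networks, median TTL."""
    ips, nets, ttls = defaultdict(set), defaultdict(set), defaultdict(list)
    for domain, ip, ttl in observations:
        addr = ip_address(ip)
        ips[domain].add(addr)
        # Group by /24 as a rough stand-in for "different network".
        nets[domain].add(ip_network(f"{addr}/24", strict=False))
        ttls[domain].append(ttl)
    return {d: {"ips": len(ips[d]), "nets": len(nets[d]),
                "median_ttl": median(ttls[d])} for d in ips}

def suspected_fast_flux(observations):
    """Return the sorted domains that meet all three thresholds."""
    return sorted(
        d for d, p in profile(observations).items()
        if p["ips"] >= MIN_DISTINCT_IPS
        and p["nets"] >= MIN_DISTINCT_NETS
        and p["median_ttl"] <= MAX_MEDIAN_TTL
    )

if __name__ == "__main__":
    for domain, stats in profile(OBSERVATIONS).items():
        print(domain, stats)
    print("suspected:", suspected_fast_flux(OBSERVATIONS))
```

Legitimate content delivery networks also rotate addresses with short TTLs, so a hit from a check like this is a reason to look closer, not proof of a botnet.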
7. URL shorteners will become the phisherman's friend.
I think this one was a reasonably safe bet. Even by the end of 2009 some services were starting to incorporate link-checking features to deter this kind of thing.
Basically, when you shorten a URL it removes the security of actually being able to see the address you are being directed to. It's a dodgy practice; I try to share whole links if I can, as opposed to shortened ones.
Symantec says 18 per cent of spam now uses shortened links to help achieve their dastardly goals.
8. Mac and mobile malware will increase.
Once again, this one (thankfully) goes into the "still possible" category.
They predicted that, as Mac and smartphones continued to rise in popularity, more scammers would devote time to finding holes in these kinds of systems.
Apparently not - they say it hasn't been on the increase in the way which they thought it would, and also note that iOS devices continue to be mostly secure from a client perspective.
I must say, though, that it depends what you consider a threat. A story I read yesterday said masses of apps, both iPhone and Android, ship your info off to third parties.
9. Spammers starting to break the rules - selling your info etc.
Symantec notes an increase in "grey mail" - things like newsletters which do have an opt-out function, but which you never signed up for in the first place.
If you start to get things like this, you have to wonder where they got your email in the first place... or who gave it to them, more like.
I think we are becoming quite aware of what information we put on the web these days, especially following the Facebook privacy debate. That has to be a good thing.
10. Spam will fluctuate as the war between spammer and anti-spammer escalates.
They say this prediction is a bulls-eye.
As authorities and responsible ISPs act to fight spam, spammers search for different ways to attack - like shortened URLs and social networks. This makes the spam levels rise and fall as the battle continues.
Right now, I feel like the spammers are doing some good damage - I've noticed heaps of spam being caught in my Hotmail filter, which isn't listed anywhere - cheap medication, Russian brides, oil deals and the like.
They also note that a major victory this year was the shutting down of the Mariposa botnet - the suspected creator of which has been arrested just this week. Good work, boys (and girls).
What do you think? Do you worry about the security of your systems? Have you ever been scammed? Any good security tips?
» Join Connector on Facebook, Twitter @lukeappleby or Email Luke at connectornz@gmail.com
Trust no-one. Anything and everything that gets onto my computer is checked and double checked first. The one time I didn't do that I ended up with a root-kit on my hard drive. Oddly enough the programme that eventually got it off for me is now identified as a trojan - which it isn't as it's a DOS-based development tool which terminates on exit.
The piece of software that identified the root-kit was in fact NOD32. Malware detectors, Spybot and a few other things found nothing. So whatever you do, don't rely solely on one form of protection.
As Futurama has taught us nobody won the Spanish lottery ever. Most of their list is essentially the same thing, social engineering.
I always tell people to not use Symantec products as it generally causes more issues than it is worth.
Spybot is good but I back it up with Spyware Blaster which stops the greeblies from being installed in the first place.
Use your sense. If you don't know who they are and they tell you that you have gotten something for nothing and you didn't apply for it then it is almost 100% guaranteed to be fake.
Never install Symantec.
One way to get around #1 and #6 is to run your browser in more than one virtual machine. You probably need a newish processor to run the OS quickly, but having virtual machines (say 3 - one highly disposable, one you delete once a week/month, and one for banking which you delete after using) you can be reasonably confident that your host system won't be compromised, assuming you update your host OS as needed. Complicated, yes. I can't think of anything more uncompromisable, unless you unplug the internet.
"I always tell people to not use Symantec products as it generally causes more issues than it is worth."
Absolutely. We have had nothing but trouble with Symantec. Its current trick upon detection of a virus is to place it in its quarantine whereupon it continuously detects the virus IN ITS OWN QUARANTINE!!!
Use Microsoft Security Essentials - has never been a problem and is a quick, secure antivirus/antimalware.
The biggest threat is still the wetware (ie. the humans involved). Uninformed users are the biggest security risk - far higher than any technical risk - and there is no real protection that can be afforded by any product that anti-virus companies can provide.
If anything, the security products build a false sense of security. "Hey I've got anti-virus so I'm safe..."
what about the bats?
@cm #6
Totally agree with that. Arguing with people who are ADAMANT that they have X million dollars waiting for them overseas and they just need a short term loan so they can pay the processing fee gets very tiring...
Error message: FEBKAC (Fault Exists Between Keyboard And Chair). Solution: Replace user and press any key to continue.
Another quick tip I use for avoiding spam - multiple email addresses!
I have email addresses I use solely for various internet activity; these get absolutely bombarded by spam but it keeps my other email address for legitimate business clean.
Also I keep email addresses associated with bank account details etc. clear of mailing lists and social networking websites - with different passwords.
It may mean more things to check but it also means I won't fall for certain phishing scams because I know that address isn't linked to my bank account.
I deal with the victims of online scams every day.
My top tips are:
1. Don't click on any emailed link to anything even if it is from a friend - unless you know exactly what they are directing you to.
2. Secure your Facebook account - prevent anyone viewing, linking to, re-posting, sharing or otherwise disseminating any information you have on there.
3. Use an online email account such as gmail or hotmail to filter spam. They are the best spam filtering systems out there.
4. Never, ever, ever sign up for anything that is free and only requires your credit card details for 'age verification.' They are lying and you will have a real challenge getting your money back.
5. Have anti-virus. Update it regularly. Scan your PC daily. Free ones like Avast! are good; NOD32 is an excellent paid one. Avoid Symantec products because in spite of recent improvements they are still a resource hog and their subscription service is as bad as the scams they are protecting you from.
6. Use and scan your PC regularly with anti-spyware programs like 'Spybot Search and Destroy.' A free anti-malware program with an excellent reputation and well maintained net-nasty definition files.