Security Threats — Part II

Spyware. Spyware has seen massive growth in the past couple of years, and this coming year we expect to see no slowdown.   

Targeted File Attachment Attacks. They send only a small number of well crafted messages to specific individuals and hope to gain an entry point. This makes AV detection difficult because the malware is a custom tool and not available to most AV houses for detection.

Web-based Botnets. Instead of a persistent IRC connection, these bots will make a periodic poll to a Web server for new commands and updates. This reduces the network footprint of the botnet, making its detection harder in some cases.


Counter-surveillance. We expect the trend of the bad guys mapping the good guys to continue in 2007, which will further erode visibility into their activities. This includes mapping sensor networks and honeypots, research communities, as well as poisoning them with false and misleading data.  If the trends this year are any indication, they have a large backlog of vulnerabilities they are slowly revealing, usually timed to maximise the time between the public discovery of the issue and the vendor’s patch release schedule. This will continue and promises to affect Internet Explorer and Office and most likely other, more specific applications.

Comments are closed.