The leading threats in 2007: vulnerabilities, targeted attacks and online fraud

Accordingly, the prime concerns for both users and security companies alike will be similar to those of 2006. Targeted attacks, i.e. those that are purpose-built to hit specific objectives; vulnerabilities in system software, and the online fraud, especially, the criminal use of junk mail, such as phishing, will once again play a leading role. Obviously, the common denominator of these attacks will once again be financial profit.
 
“In 2007, we are likely to see cyber-crooks perfecting their methods yet further.  The design and programming of phishing techniques, for example, will improve in order to counter improvements in the corresponding security systems. On the other hand, we will probably see more malicious code with rootkit functions in order to infiltrate computers unnoticed,” explains Luis Corrons, director of PandaLabs.
 
PandaLabs also predicts advances in social engineering, in particular with respect to spam, bearing in mind that in the last months of 2006, junk mail was widely used to boost stock prices or even to affect election results.
 
“Targeted attacks will be one of the major threats in 2007,” adds Corrons. “Many criminals identify specific targets, such as the users of certain online banks or services. They then create purpose-built malicious code which is distributed to just a few selected users. The aim is to go undetected by security companies so that no antidote will be created.”
 
Vulnerability exploits are another factor to consider. Cyber-crooks will try to exploit the time between the discovery of a vulnerability and the release of the corresponding patch by developers. Hackers will try to identify unknown security problems in all types of commonly-used applications.
 
“In general, the malware panorama for the coming year is worrying. The solution however involves using the technological tools available. One of the most appropriate measures is to use proactive technologies that can detect malware intuitively, unlike traditional antivirus solutions”, concludes Luis Corrons.
Â