Mal...where?

Fighting the Global War on Malicious Code

McAfee's Predictions...Plus Reality

So security firm McAfee released their predictions of malware trends in 2007 -- all ten can be seen here along with a rather limited description. In my humble opinion, a bit more needs to be said in response to these predictions, with a bit of harsh reality in mind...

1. The number of password-stealing websites will increase using fake sign-in pages for popular online services such as eBay.

Um...duh? Phishing has increased dramatically in the past few years, and it increases every year. 2007 will not be an exception, rather unsurprisingly.

2. The volume of spam, particularly bandwidth-eating image spam, will continue to increase.

Along with "the sun will rise" and "gravity will yet hold the denizens of Earth on its surface," this one's another no-brainer. An increase in spam? As in every year? As in already happening right now? Who would've thunkit?

3. The popularity of video sharing on the web makes it inevitable that hackers will target MPEG files as a means to distribute malicious code.

To be fair, they are some of the first people to come to this conclusion, though the recent spread of a MySpace worm via QuickTime movies might've been something of a tip-off...

4. Mobile phone attacks will become more prevalent as mobile devices become 'smarter' and more connected.

So they say every year, and yet CommWarrior and its ilk still remain some of the only viable mobile malicious threats. Perhaps it's going to take one well-crafted program that wakes up the blackhat community into seeing the potential there. Or maybe we'll be saying the same thing for '08...

5. Adware will go mainstream following the increase in commercial Potentially Unwanted Programs.

The dumbest one in there. Adware's been "mainstream" for the better part of a decade now, and PUPs are nothing new. Who gets paid to come up with these things, and how do I get in line for the job?

6. Identity theft and data loss will continue to be a public issue – at the root of these crimes is often computer theft, loss of back-ups and compromised information systems.

Can a prediction really just say "things won't change"? Because this one's not much of a look into the future, folks...

7. The use of bots, computer programs that perform automated tasks, will increase as a tool favoured by hackers.

No doubt. The statement's kinda lame, since bots are remote-controlled programs that allow access to a compromised user's machine, and they rely on the botmaster for commands (automation is only a very small aspect of their use), but the thrust of it's still certainly valid.

8. Parasitic malware, or viruses that modify existing files on a disk, will make a comeback.

I'm really interested in this -- it's the only prediction McAfee makes that I don't feel would be on the top-ten list of the most casual security researcher. With the domination of the malware field by Trojan programs (Prediction #3 here), I certainly would like to hear why they believe this, and to see how it might develop.

9. The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well.

Sadly so, though the "protection and remediation" bit is also likely to be true. I sure hope so; having to scan with RootkitRevealer after the fact doesn't do much for the guy who's had a hidden keylogger running for any length of time. We'll see if PatchGuard comes back to bite M$ in the butt on this one, too. (I, for one, think they'll probably be safe -- Symantec's Tamper Protection is overrated, anyways.)

10. Vulnerabilities will continue to cause concern fuelled by the underground market for vulnerabilities.

The market for zero-days will definitely continue to grow, especially when one can combine an unpatched exploit, an established network of zombie machines, and some adware programs or a data stealer to spread. Bad news all around.

Bottom line? Expect bad things to continue, and folks like us to continue to fight the good fight trying to keep everyone safe on the 'Net.

~ Nexus7

posted by David @ 7:53 PM,

4 Comments:

At 11:35 PM, Blogger paperghost said...

I was meaning to do a writeup like this but got distracted by the whole MySpace worm stuff. By and large it's a big shoulder-shrugging so-what list, isn't it?

 
At 4:45 AM, Blogger David said...

Sure is...Dancho Danchev did a great "Future in Malicious Code 2006" piece here:

http://ddanchev.blogspot.com/2006/08/future-in-malicious-code-2006.html

...and I wouldn't mind seeing a 2007 version in the near-future. Only someone as big as McAfee can get away with saying nothing in so many words...

 
At 5:48 AM, Blogger paperghost said...

That's why (when I do my paperghost postbags) you'll note I don't tend to give any real answers when faced with the inevitable "what's coming in the future" type questions. I'm just not sure how many times I can say "big heaps o' crap". Plus I'd rather people ask me about Batman or something ;)

 
At 2:49 PM, Blogger Rachel said...

Very true, guys.

 

About me

    I'm David, from Atlanta, Georgia, United States -- I'm a Computer Science undergrad at Emory University seeking to go into Network Security after grad school. More than that, I am a follower of Christ and a Christian, living the Journey and learning from others who are doing the same. My family and home rest in Fredericksburg, VA.