Looking back on 2007
Last year was a busy year for hackers, spammers and cyber-criminals, and 2008 promises more of the same.
Web browser exploitation was one of the major growing trends and a focus of the majority of security conferences last year. Attacking Web browsers and plug-ins can cause serious damage and critical information leakage.
ActiveX components for Microsoft's Internet Explorer accounted for nearly 90% of browser plug-in vulnerabilities disclosed in 2007, up from around 50% in 2006. With an exploit like the one released for Internet Explorer in November, just viewing a page with a vulnerable browser can leave a machine compromised. The public often has to wait a number of days for a fix to be released, which is a serious cause for concern.
Within two hours of the Safari beta being released in 2007, multiple vulnerabilities had been disclosed. Overall, a much larger number of vulnerabilities was disclosed in 2007 than in 2006. We can assume this will continue to be the case during 2008.
Wham, bam, thank-you spam
As always, spam is growing and the techniques being used by spammers are becoming more sophisticated. Social networking services such as MySpace and Facebook make harvesting e-mail addresses much easier for spammers. They will now also use personal details from a target's Web page to make the e-mail seem more authentic. As spam increases, so will the number of phishing sites. Coupled with personal information, this is a very powerful attack.
According to an annual report by Barracuda Networks, 95% of all e-mail sent in 2007 was spam. This is rather alarming considering that in 2001 spam made up only 5% of all e-mail sent. Since 2006 the figure has risen from an estimated 85% to 95%.
Botnets are also becoming more sophisticated, using new techniques like fault tolerance. This will make them "immune" to certain defences. They also have adaptive techniques to evade behaviour-monitoring tools, which makes them considerably more dangerous.
Secret crush widget
As predicted by Richard Stiennon from Fortinet, Facebook widgets are being used to distribute malware. Widgets allow users on Facebook to develop small applications to be used for just about anything. The first malicious widget has just been released. It is called the "Secret Crush" widget. The malicious application first tells you someone has a secret crush on you, then requires you to install the application and invite five friends.
Once installed, it will proceed to download and install Zango malware. FortiGuard released an advisory on this social worm on 2 January. We can be sure to see a lot more of this kind of attack in 2008.
Online auctioning of exploits is also a growing trend. This offers the average 'hacker' a way to make money with their exploits, sometimes up to 10 000 euros. Read more about this type of auctioning at www.wabisabilabi.com.
Identity theft increased considerably during 2007 and will continue to do so during the course of 2008. Facebook and other social networking services make the process of enumerating e-mails and personal details extremely easy. The development of more sophisticated spyware enables identity thieves to obtain confidential information in a much more efficient and easier way.
Wireless networks are appearing everywhere, from household private networks to coffee shops, and the majority of the time the right steps are not taken to properly secure them. These days even a complete novice armed with the right tools can break into a "secured" network in less than 10 minutes. This is even possible using an iTouch or iPhone with the correct software. This is a growing trend, which we will be sure to see more of during the course of the year.
Supervisory control and data acquisition (SCADA) hacking can have devastating effects. Examples of such attacks occurred in 2000 when Vitek Boden released a million litres of water into the coastal waters of Queensland, Australia and a Brisbane hacker used radio transmissions to create raw sewage overflows.
There has been a large increase in the trend, with videos on the Net of drawbridges being raised, road signs being changed and train station boarding stations being changed, and even a Hollywood movie focusing on these types of attacks. Not all of these attacks happen from poorly secured networks.
A local example is the greeting message being changed for international arrivals at OR Tambo during December.
Although it is impossible to predict the exact trends of the coming year, we can do our best to protect ourselves from the threats that we have seen previously, as well as the threats detailed by international experts.
Dino Covotsos is the founder and CEO of Telspace Systems, a South African IT security firm which started business in 2002. He has many years of experience in the IT security industry and has been involved in several large-scale projects worldwide, ranging from vulnerability assessment to attack and penetration testing for corporate clients. Covotsos uses his hands-on knowledge to help secure corporate networks in new ways. He has also written articles for various newspapers and magazines in the IT and government sectors, specifically on information security issues. He has also been featured on television (including BBC) and is a regular presenter at information security conferences worldwide.