NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0422 Computer Security Targets for 2008:
A recent "Internet Security Outlook Report" issued by CA Incorporated warns that social
networks and Web 2.0 are among the top potential targets for online attacks in 2008. The
study, based on data compiled by CA's Global Security Advisor researchers, features internet
security predictions for 2008 and also reports on trends from 2007. CA predicts bots will
dominate 2008. The number of computers infected by botnets will increase sharply in 2008.
In an effort to become harder to detect, bot herders are changing their tactics and
decentralizing via peer-to-peer architectures. They are also increasingly using instant
messaging as their main vehicle for spreading botnets. They predict 2008 will also bring
smarter malware. There are new levels of sophistication in malware. Malware will target
virtualized computers and increasingly use obfuscation techniques to hide in plain sight.
Social networking sites are also in the hackers' crosshairs. CA says social networking
sites will become increasingly popular and, as a result, more vulnerable. The large number
of aggregated potential victims and relatively small concern for computer security make these
sites a potential windfall for cyberthieves. Along with social networks, web 2.0 services
and sites will come under targeted attacks. While it is relatively easy to implement web 2.0
services, it can be quite challenging to configure them to be totally secure. Therefore,
many internet sites using these services become easy targets, with little outward indication
that a site is compromised. Finally, Windows VIISTA will be at greater risk: twenty vulnerabilities
were reported in the operating system in 2007, according to the National Institute of Standards
and Technology. As more people use it, CA predicts more attackers will target it.
(CIO 11MAR08)