1. Collaboration Tools
Tools that help people collaborate i.e. IM, IRC, Social Networking Sites, Video Conferencing, and White Boards. Users can expect to see a surge of attacks through collaboration tools, as membership continues to increase. These tools will help cyber criminals in stepping up to hit interactive social networking site with unsolicited e-mail and malicious links. Ignorance about clicking on an ‘interesting link’ will be exploited by the bad guys on internet. The cases of identity theft, cyber-stalking, cyber-bullying and cyber-extortion are expected to rise. At the corporate level, this may give rise to increase data theft from corporate databases.
Now a day’s companies are using virtual environments to reduce cost, save space and to increase convenience for their employees. Virtualization includes running a platform (Linux) on a different platform (Windows). But virtualization makes the security more complicated as it introduces an extra layer that must be secured. Now we have to secure both Virtual machine and the physical machine.
A bot planted on the machine, maintains a command and control mechanism to enable communication with its master. A large number of such bots under command of the same master becomes a “bot army“ that has considerable computing power to engage in a variety of malicious activities including data theft, DoS attacks, spam delivery, NDS spoofing , to name a few.
4. Cyber Warfare
The low cost associated with launching cyber attacks as compared to physical attacks, the likely deniability of crime committed on the internet and the lack of international cyber laws to resolve conflicts between nations, are the main reasons for many governments mentoring cyber warfare. The vulnerability in systems , user ignorance and overdependence on outsourcing agencies are likely to be the main reason for the success of cyber warfare. The cyber attacks that occurred between Russia and Georgia in 2008 are indicators for military cyber engagements in 2009 and beyond.
5. Phlashing attacks
The attacks on network devices (router, switches etc) and other hardware systems that rely on firmware to contain OS related problems are likely to increase. In this type of attacks, hackers upload nonauthentic firmware to devices under the guise of original firmware updates. However this malicious firmware provides a back door into a network or permanently disables the devices. This may result to completely denial-of-service attacks.
6. Wireless Risks
Wireless will continue to be a big threat in 2009. Insecure protocols, easy accessibility, lack of strong encryption and authentication and more importantly, user ignorance are the main reasons for the increase in wireless risk.
7. Threats due to Green Computing
Using computing resources efficiently is certainly a good thing. But extra care should be taken while recycling computer resources, for example it can expose your data to a stranger if you don’t ensure that the hard drives have been completely wiped.
8. Cloud Computing
Cloud computing is a buzzword these days. It is a style of computing in which resources are accessed as a service over Internet. In this technology all of your resources are kept in terminals that are placed somewhere else. But when your data is placed somewhere else you can’t ensure the security of your data from everyone else out there.
9. Insider Threat
The financial meltdown and resulting lay-offs may fuel employee discontent, to cause serious threat to corporate networks and data theft.
10. Risk for OS other than Windows
Linux is safer than Windows. Is it true?
The reason Linux enjoying this reputation is Linux is not much popular as Windows is. Major portion of desktop OS market is acquired by windows. But as the popularity of Linux will increase, attention of bad guys toward Linux will also increase. There will be more targeted attacks on Linux in coming years.