• ITVidya.com One Purpose...One Dream...One Vision..One Mision..Your Wealth Creation through Knowledge, Networking and Opportunity
Home

Olympics to spur security threats in '08

Websense predicts content-based threats to top the list security concerns in 2008.

There is a possibility of large scale denial-of-service (DoS) attacks on Beijing Olympic-related sites as political statements and fraud attempts through email and the Web surrounding the Olympics, according to Websense’s prediction of top ten security threats for 2008.

It also foresees compromises of popular Olympic news or other sports sites — attacks that would install malicious code and steal confidential business information.

Hackers will devise new means for cross-platform Web attacks taking advantage of the popularity of Macs and iPhones. Special interest groups falling under a certain age group, wealth bracket, or people with particular purchasing habits, will become targets of Web 2.0 attacks, predicts Websense.

Websense’s observation further says that spam will increase in the blogosphere and ‘talk back’ sections of news sites will drive traffic and increase search engine rankings of infected Web sites.

Web 2.0 additions like Google Adsense, mash-ups, widgets, and social networks along with the Web advertisements linked to Web pages have increased the possibility of ‘weak links’ and contents that are vulnerable to compromises.

Attackers will increasingly exploit the weakest links to target more Internet users. Search engines and large user networks like MySpace, Facebook or other social networking sites are most vulnerable to these attacks.

Number of compromised Web sites will outnumber of created malicious sites. Hackers are using evasive techniques that use poly-morphic JavaScript (Polyscript) meaning that a uniquely coded Web page is served up for each visit by a user to a malicious Web site.

By changing the code every visit, signature-based security scanning technologies have difficulty detecting Web pages as malicious and hackers can extend the length of time their malicious site evades detection.

Websense predicts an increased use of crypto-virology and sophistication in data concealment including the use of stenography, embedding data within standard protocols, and potentially within media files. Toolkits widely available on the Web will be used to embed proprietary information and steal data.

In 2008 Websense predicts that vishing and voice spam will combine and increase. Users will receive automated voice calls on LAN lines with voice spam to lure them to input their credentials through the telephone.

Websense anticipates that with global cooperation of enforcement agencies, 2008 would see the biggest crackdown on hacker groups.



Source : www.ciol.com

TAGS