
2008-01-20

Top 10 cyber security threats for 2008

Twelve cyber security veterans, with significant knowledge about emerging attack patterns, worked together to compile a list of the attacks most likely to cause substantial damage during 2008. The list was released by the SANS Institute.

Here’s the list of the worst security threats companies will face this year:

1. Increasingly Sophisticated Web Site Attacks That Exploit Browser Vulnerabilities - Especially On Trusted Web Sites

Attackers are getting more savvy with exploit code, and more and more are targeting trusted Web sites.

2. Increasing Sophistication And Effectiveness In Botnets

Bots made headlines throughout 2007, and botmasters are getting increasingly sophisticated in their tactics.

3. Cyber Espionage Efforts By Well Resourced Organizations Looking To Extract Large Amounts Of Data - Particularly Using Targeted Phishing

Well resourced organizations – namely, nation-states – will use phishing and other attacks to gain economic advantage.

4. Mobile Phone Threats, Especially Against iPhones And Android-Based Phones; Plus VOIP

The introduction of new mobile computing platforms will lead to increased attacks, and VoIP systems are also vulnerable.

5. Insider Attacks

The threat of an internal strike forces security pros to clamp down on access and set more rigorous policies.

6. Advanced Identity Theft from Persistent Bots

Some bots stay on computers for months, all the while collecting personal data that can be used for extortion and identity theft.

7. Increasingly Malicious Spyware

More sophisticated tactics will evade anti-virus, anti-spyware and anti-rootkit tools, leading to more persistent problems.

8. Web Application Security Exploits

Applications like Web 2.0 tools are seen as increasingly vulnerable because of programming errors, giving attackers a new venue.

9. Increasingly Sophisticated Social Engineering Including Blending Phishing with VOIP and Event Phishing

Criminals are using targeted attacks – like a phishing e-mail on job offers for Monster.com users – combined with VoIP to amplify their impact.

10. Supply Chain Attacks Infecting Consumer Devices (USB Thumb Drives, GPS Systems, Photo Frames, etc.) Distributed by Trusted Organizations

USB connections from vendors or conferences increasingly contain dangerous software.

For more info click here.

On the other hand, the latest Internet Security Outlook Report issued by CA, Inc. forewarns that online gamers, social networks and high-profile events like the U.S. presidential election and the Beijing Olympics are among the top potential targets for online attacks in 2008. According to other predictions from this report, bots will dominate 2008, and Windows Vista is at risk, but mobile devices will still be safe, despite rumors of mobile malware.

2008-01-06

Spoofing vulnerability in Mozilla Firefox v2.0.0.11

A vulnerability in the method used by Mozilla Firefox to display authentication dialogs can allow phishers to obtain username and password information, warns Israeli security specialist Aviv Raff. As he writes on his website, Mozilla Firefox allows spoofing of the information presented in the basic authentication dialog box. This can allow an attacker to conduct phishing attacks by tricking the user into believing that the authentication dialog box is from a trusted website. For an attack to be successful, the victim must click on a specially crafted link on a malicious website.

According to Raff, the vulnerability affects not only Mozilla Firefox v2.0.0.11, but probably prior versions and other Mozilla products as well.

Full description of the problem (including the fake authentication dialog) and how to avoid it can be found here.