2008 Security Predictions

 Security predictions for 2008 are rolling in. Here’s a summary of what’s being said in cyberspace as well as a few of my own thoughts on 2008.  

Websense Corp issued a list of top threats to watch out for in 2008. They include:

Olympics – new cyber attacks, phishing and fraud

Cross platform Web attacks – Mac, iPhone popularity spurs increase

Malicious SPAM invades blogs, search engines, forums and Web sites

Attackers use Web’s ‘weakest links’ to launch attacks

Message Labs offered their own intelligence report called:  2008 Security Predictions:

The Year the Shadow Economy Adopts Mainstream Approaches but the Threat Landscape Keeps Innovating. 

Their report claims that much more stormy weather is ahead as the shadow economy door widens further and spammers adopt virus tactics.

 If you’re looking for a video to watch on this topic, Saumil Shah, founder and CEO of Net-Square taped his views back in August at Black Hat.

Meanwhile, Baseline Magazine wrote that more trouble is in store for CISOs in 2008, as we experience increases in Web 2.0 vulnerabilities and mobile computing attacks.

The Georgia Tech Information Security Center, a research and education arm of the Georgia Institute of Technology, is quoted in the report. Their top five threats CISOs will face next year are:   Web 2.0 and Client-Side Attacks.

 Targeted Messaging Attacks.

 Botnets, specifically the spread of botnet attacks to wireless and peer-to-peer networks.

 Threats Targeting Mobile Convergence.

 Threats to Radio Frequency Identification Systems. 

 While it’s difficult to argue with any of these security challenges, I’d like to add a few other items to the possible CISO sleepless night list for 2008:

1)      A Major botnet or virus attack gets (front page) national attention as outages cost millions. We haven’t seen a major outage make the front pages of major newspapers in the past few years. This run will likely end.

Continue Reading