CA identifies fakeware, search engines and social networks as major information security threats of 2009

The analysis, which was compiled from information security trends observed during the first half of the year, and other observations by the firm's researchers over the year as a whole, makes for interesting reading.

The report predicts that 2010 will see the arrival of 'malvertising' and the potential for another big computer worm outbreak like Conficker.

Joseph Souren, vice president of CA's internet security business unit, said that cybercriminals have made a business out of conducting attacks on the most popular online destinations because they promise the highest pay-off.

"Cybercriminals keep up with trends, major events, holidays, and the like, and focus on where they'll get the biggest returns. Search engines, like Google and Yahoo, or social networking sites, like Twitter or Facebook, have the mass appeal to attract these criminals", he said.

"In addition to internet security software, the best weapon against today's threats is education, so that consumers know what to look for when they are conducting activities online", he added.

CA's report says that the main information security trends in 2009 were:

  • Rogue or fake security software, which the analysis said is software that poses as legitimate internet security software but is actually malware. This type of software, the firm said, has experienced a significant surge in popularity. In the first half of 2009, CA added detection for 1186 new variants of rogue security software, which is a 40% increase compared to the last half of 2008.
  • Search index poisoning: Google is a frequent target of online threats. Attackers employ sophisticated search engine optimisations to manipulate search engine rankings and poison users' search results, which direct them to compromised websites that can cause malware infections.
  • Social networks / web 2.0: Popular online communities, blogs and social media sites, such as YouTube, MySpace, Facebook and Twitter, are highly targeted. Financially motivated organised groups are among the aggressive attackers, creating hundreds of bogus profiles to perform various tasks, including distributing malware, spamming and stealing users' online identities to perpetrate further cybercrime. An example of this, CA said, is the Win32/Koobface worm that propagates through social networking sites, using the affected user's login credentials to send messages to the user's list of connected friends and family.
  • Identity theft: Attacks targeting online credentials enabled email address harvesting for spam bots and the sweeping of FTP accounts for web infection, and contributed to social network worm propagation, as with Win32/Koobface. Data-stealing trojans accounted for 23% of the most prevalent malware infections in 2009.
  • Cybersquatting and typosquatting: Malicious websites that masquerade as legitimate, reputable sites deceive users into undertaking transactions or activities in which they divulge sensitive data.
  • Mac OS X threats: Security threats have come to the Mac. In 2009, CA ISBU added 15 intelligent signatures detecting Mac OS X threats, the most prevalent of which was OSX/Jahlav.

According to Souren, levels of malware doubled in 2009 and the ability to purchase bots and other malicious programmes online is becoming more prevalent.

"It is a cat and mouse game. Cybercriminals are evolving along with the malware community and are constantly looking for new vulnerabilities to exploit, from online banking to search index poisoning", he added.

So what are the likely threats we will see in 2010?

CA said that it expects to see:

  • Search engine optimisation exploits and malicious advertising (malvertising) will increase as a means to distribute malware.
  • Another big computer worm like Conficker is likely. The increasing popularity of web-based applications and discovery of critical zero-day vulnerabilities, especially for new operating systems such as Windows 7 and Google Chrome, CA said, present good opportunities for a new worm outbreak.
  • The other big security threat comes from web 2.0 technologies, such as social networks, which CA predicts will continue to grow in 2010.
  • The IT security firm noted that denial of service attacks will increase in popularity as a means to make a political statement. Popular websites like Twitter and Facebook are likely to fall victim once again in the New Year, CA said.
  • And last, but not least, CA said that banking trojans will be a potentially major threat in 2010, with trojans manifesting as banking-related threats orchestrated to steal users' identities for financial gain.
