I’ve said here, many times, that cybercriminals are some of the craftiest people on the planet. Cyber-criminals are experts at recognizing opportunity, and we know cyber-criminals use every conceivable opportunity to spread malware.
The bad guys are strategic in their thinking; they plan ahead – and realize that the timing and implementation of tactics, based on their strategy, is critical to achieving maximum “market” penetration.
Symantec Hosted Services’, MessageLabs Intelligence, puts an interesting twist on what we can expect from the bad guys in the coming year, and asks the question:
If you were a cybercriminal, what would be your resolution for the New Year?
1. Control the strongest botnet – Botnets ruled the cyber security landscape in 2009, with the 10 major heavyweight spam-sending botnets, including Cutwail, Rustock and Mega-D, now controlling at least 5 million compromised computers. With these compromised computers issuing over 83 percent of the 107 billion spam messages distributed globally, we can expect botnets to get bigger, stronger and more intelligent in the year ahead.
2. Crack the CAPTCHA – CAPTCHA breaking tools have allowed cybercriminals access to an unprecedented number of webmail, IM and social networking websites. With a new crop of more sophisticated CAPTCHAs on the horizon – some involving images and animation – it will be increasingly difficult for the bad guys to solve these puzzles with an automatic computer program.
3. Brush up on my pop culture – World events, news, and holidays always spark a bad guy’s imagination. In 2009, spammers and malware writers jumped on the news of the H1N1 virus and the death of Michael Jackson. Expect to see more celebrity names in you junk folder next year!
4. Discover the next big social network – The popularity of social networking and micro-blogging sites have led spammers to use short URLs in their spam emails. In 2009, over 90 percent of spam contained a URL and there was an upsurge of short URLs in the 2nd half of the year. Short URLs hide the true website behind the link, yet are trusted by millions of people who use them to share photos and news online. New social technologies will lead to even more creativity on behalf of the bad guys.
5. Learn a foreign language — Automated translation services allow cyber-criminals to target their attacks in local languages. While spam over 95 percent of spam is in English, the last year has seen significant increases in spam in countries where English was not the primary language. After English, the most common languages for spam (in order) are French, Portuguese, Russian and German. Spam levels in Germany and The Netherlands increased by 13% since the beginning of the year, with spam now accounting for in excess of 95% of all emails.
If you’re interested in additional information on the state of online security, you can also access the MessageLabs Intelligence 2009 Annual Security Report.
If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
