Looking ahead
Throughout the year, Symantec collects data that provides the basis for an analysis of future and emerging trends. Organizations should use this information to prepare themselves for a number of rapidly evolving and complex security issues in the coming year, including:
• Modular malicious code. Increasingly, malicious code authors have been deploying modular malicious code. Modular malicious code is malicious code (such as worms, viruses, and Trojans) that initially possesses limited functionality. However, once installed on a target computer, it downloads other pieces (or modules) of malicious code with different functionalities and further compromises the infected computer.
• Phishing continues to evolve. Phishing messages are continually being altered in order to evade antispam and antiphishing filters. This is driving innovation in methods of evasion, particularly in the use of randomized changes in phishing messages. This can take the form of randomized pixels in attached images, as well as URL obfuscation techniques such as the use of cousin domains and Web site redirection. Security administrators are urged to monitor the registration of "cousin" domain names and to educate users on the increased sophistication of these types of attacks.
• Wireless security threats. As the number of wireless local area networks (WLANs) in enterprises and other locations continues to increase, so too does the number of concerns posed by insecure wireless access points. In some cases, attackers impersonate the wireless access point itself in order to capture sensitive or useful information from machines attempting to connect to it. This has led to a reported increase in the number of "war drivers" who use those connections to launch attacks and steal confidential information.
• VoIP threats. Voice over Internet Protocol (VoIP) is quickly becoming a widely adopted alternative to traditional analogue phone systems. It has been estimated that by the end of 2006, two-thirds of the Global 2000 companies will have adopted VoIP as their primary means of voice communication. Security researchers believe VoIP may be vulnerable to a wide range of possible attacks. While there are currently few reported attacks directed at VoIP systems, Symantec feels that as this new communications technology gains widespread acceptance and deployment, it is only a matter of time before attackers target it more intensely.
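The phishing item above urges administrators to monitor the registration of "cousin" domain names. As an added example (not part of the Symantec report), the following Python check screens a feed of newly registered domains for names that resemble a protected brand. The brand, the legitimate-domain list, the sample feed, and the matching rules (digit swaps, hyphen removal, edit distance of 1) are assumptions chosen for illustration.

```python
# Added example: flag "cousin" (look-alike) domains in a registration feed.
# BRAND, LEGIT and FEED are constructed placeholders, not data from the report.
BRAND = "examplebank"
LEGIT = {"examplebank.com"}

# Small illustrative set of digit-for-letter swaps used in look-alike names.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

def normalize(label):
    """Fold a DNS label so visually similar spellings compare equal."""
    label = label.lower().translate(SWAPS).replace("-", "")
    return label.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute), row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, brand=BRAND, legit=LEGIT):
    """Return why a domain looks like a cousin of the brand, or None."""
    domain = domain.lower().rstrip(".")
    if any(domain == d or domain.endswith("." + d) for d in legit):
        return None  # the real domain or one of its own subdomains
    labels = domain.split(".")[:-1] or [domain]  # naive: drop only the last label
    target = normalize(brand)
    for raw in labels:
        norm = normalize(raw)
        if norm == target:
            return "exact-label" if raw == brand else "lookalike"
        if target in norm:
            return "brand-embedded"
        if edit_distance(norm, target) <= 1:
            return "typo"
    return None

def scan(feed):
    """Map each suspicious domain in the feed to the reason it was flagged."""
    return {d: r for d in feed if (r := classify(d))}

FEED = ["examplebank.com", "login.examplebank.com", "examp1ebank.com",
        "examplebank-login.net", "exmplebank.org", "examplebank.info",
        "weather-report.com"]  # constructed sample feed

if __name__ == "__main__":
    for name, reason in scan(FEED).items():
        print(f"{name}: {reason}")
```

Flagged names are candidates for analyst review rather than confirmed phishing sites; unrelated registrants can legitimately hold similar names.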
The need to be proactive
As these highlights demonstrate, the threat landscape is changing. Where traditional attack activity was motivated by curiosity and a desire to show off technical virtuosity, many current threats are motivated by profit. They often attempt to perpetrate criminal acts, such as identity theft, extortion, and fraud.
As a result, enterprises need to be especially diligent in keeping their systems up-to-date with security patches and security solutions. It is also strongly recommended that they employ defense-in-depth practices, which emphasize multiple, overlapping, and mutually supportive defensive systems to guard against single-point failures in any specific technology or protection methodology. This should include the deployment of antivirus, firewalls, intrusion detection, and intrusion protection systems on client systems. Enterprises should also ensure that they are actively monitoring their environments 24x7 against attack.
By publishing its analysis of Internet security activity in the Internet Security Threat Report, Symantec hopes to provide enterprises with the information they need to help effectively secure their systems today.

Symantec, Middle East



