The major threats to computer users in 2007 will be targeted attacks, advanced social engineering, phishing and vulnerability exploits. The common denominator of these attacks will once again be financial profit.
“In 2007, we are likely to see cyber-crooks perfecting their methods yet further," says Jeremy Matthews, MD of Panda Software South Africa.
"The design and programming of phishing techniques, for example, will improve in order to counter improvements in the corresponding security systems. We will also see more malicious code with rootkit functions in order to infiltrate computers unnoticed."
On the basis that in late 2006 junk mail was widely used to boost stock prices and to even affect election results, the report foresees advances in social engineering – in particular with respect to spam.
“Targeted attacks will be another major threat in 2007,” adds Matthews. “Many criminals identify specific targets – such as the users of certain online banks or services. They then create purpose-built malicious code which is distributed to just a few selected users. The aim is to go undetected by security companies so that no antidote will be created."
Vulnerability exploits will be increasingly prominent. Cyber-crooks will try to identify unknown security problems in all types of commonly-used applications and then attempt to exploit the time between the discovery of a vulnerability and the release of the corresponding patch by developers.
“In general, the malware panorama for the coming year is worrying. The solution, however, involves using the powerful technological tools available. One of the most appropriate measures is to use proactive technologies that can detect malware intuitively, unlike traditional antivirus solutions," Matthews adds.