Rogue security software is still one of the major threats facing IT users, closely followed by search engine poisoning and social network malware.
These are some of the findnigs of CA’s State of the Internet 2009 report, which states that the most notable 2009 online threats were rogue/fake security software, major search engines, social networks and Web 2.0 threats. The results were released by CA distributor Workgroup.
The report compiles trends from the first half of 2009 and is based on data compiled by CA’s Global Security Advisor researchers who have also offered predictions for the top Internet threats for 2010, including an increase in “malvertising” and the potential for another big computer worm outbreak, like Conficker.
“CA researchers tracked several trends in 2009, including rogue or fake security software, which is software that poses as legitimate Internet security software but is actually malware,” says Ligia De Gouveia, CA product manager at Workgroup. “CA added detection for 1 186 new variants of rogue security software, a full 40% increase compared to the last half of 2008.”
Search index poisoning was also a highlight with attackers employing search engine optimisation mechanisms to manipulate search engine rankings and poison users’ search results, leading them to compromised Web sites that can cause malware infections, De Gouveia adds.
“Social Networks and Web 2.0, or online communities, blogs, and social media sites are highly targeted,” says De Gouveia. “Financially motivated organised groups are among the most aggressive attackers, creating hundreds of bogus profiles to perform various tasks, including distributing malware, spamming and stealing online identities to perpetuate networking sites.”
These, in addition to identity theft, cybersquatting, typosquatting and Mac OS X threats were the most prevalent threats in 2009.
Going forward, De Gouveia says predictions for 2010 include:
* Search engine optimisation exploits and malicious advertising will increase as a means to increase malware.
* Another big computer worm, like Conficker, is likely.
* Threats to Web 2.0 technologies will continue to grow.
* Denial-of-Service attacks will increase in popularity as a means to make a political statement. Twitter and Facebook are likely to fall victim once again.
* Banking Trojans will manifest as banking related threats orchestrated to steal user identities for financial gain.
* Malware actors will focus on the 64-bit and Apple platform.