Targeted security attacks will rise in 2007

Financial gain continues to be biggest incentive to criminals

Targeted attacks and online fraud will play a prominent role in IT security in 2007, according to software vendor Pandalabs.

The vendor says the use of junk email for criminal gain will be a particular problem.

'In 2007, we are likely to see cyber-crooks perfecting their methods yet further,' said Luis Corrons, director of PandaLabs.

'The design and programming of phishing techniques, for example, will improve in order to counter improvements in the corresponding security systems. On the other hand, we will probably see more malicious code with rootkit functions in order to infiltrate computers unnoticed.'

PandaLabs also predicts advances in social engineering, in particular with respect to spam, bearing in mind that in the last months of 2006, junk mail was widely used to boost stock prices or even to affect election results.

'Targeted attacks will be one of the major threats in 2007,' adds Corrons. 'Many criminals identify specific targets, such as the users of certain online banks or services. They then create purpose-built malicious code which is distributed to just a few selected users. The aim is to go undetected by security companies so that no antidote will be created.'

Vulnerability exploits are another factor to consider, says Corrons. Cyber-criminals will try to exploit the time between the discovery of a vulnerability and the release of the corresponding patch by developers, he says.

'In general, the malware panorama for the coming year is worrying. The solution however involves using the technological tools available. One of the most appropriate measures is to use proactive technologies that can detect malware intuitively, unlike traditional antivirus solutions,' said Corrons.

What do you think? Email us at [email protected]