Security vendors scope out 2010 landscape

Malware infections are likely to become more severe next year

A fresh crop of malware is expected to create larger botnets, more extensive infections and new attack vectors in 2010, according to experts.

As the year draws to a close, a number of vendors are issuing annual security reports and 2010 predictions, suggesting future trends ranging from the decline of rogue security attacks to the growth of social networks and peer-to-peer services as attack targets.

Security firm Kaspersky argued that file sharing services could increasingly become a favoured method for attack. The company noted that the services are gaining popularity with attackers after their role in spreading a number of infections, including a much-publicised piece of malware for OS X.

The malware infections themselves could also become more severe. Kaspersky predicted that attackers will increasingly make use of rootkits and other covert methods to avoid detection by security vendors.

That sentiment was echoed by CA's EMEA vice president of internet security, Joseph Souren, who likewise suggested that malware writers would look to new methods in infection and evasion.

"It is a cat and mouse game," he said. "Cyber criminals are evolving along with the malware community and are constantly looking for new vulnerabilities to exploit, from online banking to search index poisoning."

One of the most popular malware scams of 2009 was the use of fake anti-virus tools. The attacks often present the user with phoney scan results and bogus warning messages in an effort to collect payment for a non-functional security product.

CA noted that such attacks reached record levels in 2009, with the first half of the year posting a 40 per cent increase in new attacks over the previous year.

Some experts, however, think that the worst of the rogue anti-virus attacks may have already passed. Kaspersky suggested in its report that the market for such scams may see a decline in the coming year.

"The fake anti-virus market has now been saturated and the profits for cyber criminals have fallen," the company said.

"Moreover, this kind of activity is closely monitored by both IT security companies and law enforcement agencies. This makes it increasingly difficult to create and distribute fake anti-virus programs."