Arbor’s Security and Engineering Response Team releases its vulnerability forecasts
11th December, 2007 - Security predictions released today by Arbor Networks reveals that the iPhone will be a major target for cybercriminals in 2008. The forecast also highlights Chinese specific crime as a major issue for the New Year.
Arbor’s Security and Engineering Response Team (ASERT), who have put together the forecasts, believe that the iPhone will become the victim of a serious attack in 2008. These assaults are likely to be in the form of drive by attacks – malware embedded into seemingly harmless information, images or other media that actually perform dangerous actions when rendered on the iPhone’s Web browser. With the scrutiny the iPhone has received since its launch earlier this year over network lock-in, ASERT believes that hackers will be enticed by the possibility of attacking Apple users and the opportunity to "be the first" to hack a new platform.
Increase in Chinese cybercrime for 2008
ASERT has also predicted a rise in ‘Chinese on Chinese’ cybercrime. In the past year the team has seen a dramatic increase in the attention paid to Chinese-language specific software such as QQ Messenger and a number of malware samples focused on stealing users credentials. Arbor expects this trend to multiply in 2008 as more Chinese users come online, more software is written for the market and Chinese cybercriminals become increasingly more sophisticated and organised.
Storm botnet hijacking and Peer-to-Peer
The Storm botnet is another vulnerability that ASERT believe will be prevalent in 2008. Although the Storm botnet has been quiet for some time, there are still tens of thousands of infected PCs around the world. Arbor believes this presents a too lucrative an opportunity to be passed up and anticipate a hacker hijacking the bots for their own gain in the New Year.
Spammers are highly motivated by financial gains and are not afraid to push technological boundaries to develop new attacks. Arbor envisages an attack that will eclipse the storm worm vulnerability that caused havoc in 2007 and in 2008 we will see a much larger, but similar (spam) botnet designed to target P2P networks.
“2007 was the year of the browser exploit, the data breach, spyware and the storm worm. We expect 2008 to be the year of the iPhone attack, the Chinese Hacker, P2P network spammers and the hijacking of the Storm botnet,” said Jose Nazario, senior security engineer at Arbor Networks. “Online fraud is soaring and security attacks are now being used in countless and ever more sophisticated ways to both steal and launder money. Financial and other confidential data is being obtained, sold and utilised in the highly developed black market. In 2008 this market will continue to grow and it is important that business implement the processes and technology necessary to protect themselves and their customers.”
About Arbor Networks
Arbor Networks delivers network security and operational performance for global business networks. Arbor’s Network Behavioral Analysis (NBA) solutions are based on the Arbor Peakflow platform, providing real-time views of network activity which enable organizations to instantly protect against worms, DDoS attacks, insider misuse, and traffic and routing instability, as well as to segment and harden networks from future threats. Today, Arbor Networks’ customer base is comprised of a broad range of service provider and enterprise customers within a variety of industries spanning the globe, demonstrating the depth and breadth of the company’s security expertise. All rely on the Arbor Peakflow platform to prevent costly downtime, enable network cleanup and increase customer trust.
To learn more about Arbor Networks, please visit: http://www.arbornetworks.com . To learn more about the Arbor Security Engineering & Response Team (ASERT) – the company’s security research arm – please visit the ASERT blog: http://asert.arbornetworks.com . To learn more about the Active Threat Level Analysis System (ATLAS) Initiative – please visit http://atlas.arbornetworks.com .
Note to Editors: Arbor Networks, Peakflow, ATLAS and the Arbor Networks logo are trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.