Security forecast stormy for 2008

The team behind the Storm malware started their attacks in January and the code has now been released in many. It is feared that the team will not only carry out further attacks but their success will prompt others to try and emulate it.

“2007 was the year of prolific cyber-crime with certain gangs becoming famous within the security industry. Notoriety within a hot market always encourages an influx of new players wanting their slice of success and thus, the threat market is set to be even hotter in 2008,” said Mark Sunner, chief security analyst at MessageLabs.

“In addition to the number of players within the market, significant increases will also be seen in the techniques the bad guys will use. Predictability is the Achilles heel of cyber-crime and the bad guys will avoid repeat attacks at all costs.”

The team also predict greater numbers of script kiddies using more professional tools to make it online. As the market for online crime matures the range of available tools will widen and the skill needed to use them will shrink.

Instant messaging spam, which was predicted to rise sharply this year, has so far failed to be a serious problem. However this is likely to change in 2008, with spammers sending out messages in blocks of a few hundred, waiting to see if a response is made, and then repeating as necessary.

The spammer will be forced to try new spamming tactics Sutter thought because spam effectiveness rates are falling. Better filtering and user education both have a role in this.