Top 10 Security Threats for Windows Vista
McAfee , owner of the popular Anti-Virus Tool has released its top 10 security issues for 2008, which include recurring online threats and a rise in communications-related threats relating to VoIP and instant messaging platforms. It is to no surprise that all this really revolves around windows vulnerabilities, specially Vista.
Here is the TOP 10 list:
1. Windows Vista
Windows Vista is set to gain additional market share next year, crossing the 10 percent mark, including the release of Service Pack 1 set for 2008, which is likely to bump up adoption figures.
“As Vista becomes more prevalent, attackers and malware authors will start in earnest to explore ways to circumvent the operating system’s defenses…we can expect a lot more Vista vulnerabilities to be reported in 2008,” predicted McAfee.
2. Botnets on the rise
With the fuss over the havoc that was created by the Storm worm this year, McAfee sees the proliferation of botnets continuing on into next year.
“Storm created the largest peer-to-peer botnet ever. [We] expect others to ride the coattails of that success, pushing up the number of PCs turned into bots,” stated McAfee.
It has also been the “most versatile malware on record”, with “thousands of variants… more infection methods and social engineering schemes than any other threat in history”, said the company’s release.
Aiding the proliferation of the botnets is the high-profile prosecution of bot herders this year–McAfee expects criminals to “seek better ways to cover their tracks”, as a result.
3. Instant messaging
Although the occurrence of a “flash” worm spreading via instant messaging, and instantly infecting millions around the globe has not happened yet, McAfee believes the possibility is “closer than ever”.
The number of vulnerabilities in popular instant messaging applications more than doubled this year compared to 2006, with 10 of those threats this year considered high-severity, while none last year were, according to the security company.
4. Online gaming
Virtual economies are seeing an increasing threat that is “outpacing the growth of the threat to the real economy”, said McAfee, citing the rise in password-stealing Trojans targeting online communities compared to banks.
“As virtual objects continue to gain real value, more attackers will look to capitalize on this,” said McAfee.
5. VoIP attacks on the rise
With more than double the number of security vulnerabilities reported for VoIP (Voice over Internet Protocol) this year compared to 2006, “it is clear that VoIP threats have arrived and there’s no sign of a slowdown”, said McAfee
6. Virtualization transforming information security
Although security vendors are embracing virtualization to aid in security defense, McAfee expects malware authors to play the “classic game of cat and mouse”, eventually finding ways to defeat the current virtualization developments by the security companies.
7. Social networking and Web 2.0
The recent publicity of compromises and presence of malware on social networking sites, such as Salesforce.com, Monster.com and MySpace, shows a trend toward malicious attackers targeting these popular sites.
With the sites making it easier to access personal information, users are increasingly open to attacks, with the information shared lending the attacks “more authenticity”, said McAfee.
The security vendor expects a “large increase” in Web 2.0 targets next year.
8. Phishing to grow
McAfee expects “smaller, less-popular sites” to be targeted, as a result of top-tier sites strengthening their walls.
Furthermore, password-stealers may exploit user carelessness and apathy toward good security practices. “Knowing that a large percentage of people reuse their usernames and passwords, less popular sites are likely to be targeted more frequently than before, giving criminals the same access,” stated the release.
9. Parasitic crimeware to regain popularity
Although the viruses that sit on the user’s disk, modifying existing files “faded into the background” in recent years, 2007 saw the rise of “old school crimeware” such as Grum, Virut and Almanahe.
This year also saw the resurrection of an older threat, Philis, with its variants growing by over four times; 400 variants of a newcomer, Fujacks, were also noted by the security firm.
All these indicate a renewed interest in parasitic malware, and McAfee projects its growth to be 20 percent in 2008.
10. Adware continues its decline
Perhaps the only positive news in the list, adware is set to carry its decline from this year into 2008. McAfee attributes this to government crackdowns, better defensive systems and the increasingly-negative connotation associated with this form of advertising.