Security predictions released today by Arbor Networks reveals that the iPhone will be a major target for cybercriminals in 2008. The forecast also highlights Chinese-specific crime as a major issue for the New Year.
Arbor’s Security and Engineering Response Team (ASERT), which has put together the forecasts, believes the iPhone will become the victim of a serious attack in 2008. These assaults are likely to be in the form of drive by attacks malware embedded into seemingly harmless information, images or other media that actually perform dangerous actions when rendered on the iPhone’s Web browser. With the scrutiny the iPhone has received since its launch earlier this year over network lock-in, ASERT believes that hackers will be enticed by the possibility of attacking Apple users and the opportunity to “be the first” to hack a new platform.
ASERT also has predicted a rise in Chinese on Chinese cybercrime. In the past year, the team has seen a dramatic increase in the attention paid to Chinese language-specific software such as QQ Messenger and a number of malware samples focused on stealing users credentials. Arbor expects this trend to multiply in 2008 as more Chinese users come online, more software is written for the market and Chinese cybercriminals become increasingly more sophisticated and organized.
The Storm botnet is another vulnerability that ASERT believe will be prevalent in 2008. Although the Storm botnet has been quiet for some time, there are still tens of thousands of infected PCs around the world. Arbor believes this presents too lucrative of an opportunity to be passed up and anticipates a hacker hijacking the bots for their own gain in the New Year.
Spammers are highly motivated by financial gains and are not afraid to push technological boundaries to develop new attacks. Arbor envisages an attack that will eclipse the storm worm vulnerability that caused havoc in 2007, and in 2008, we will see a much larger, but similar (spam) botnet designed to target P2P networks.
Arbor Networks www.arbornetworks.com