Security Trends in 2009 Put Web Front and Center

• By Dian Schaffhauser
• 02/10/09

##AUTHORSPLIT##<--->

WatchGuard, which sells network security appliances, has identified five trends in security that the company said will shift how attacks intrude on networks and where attacks will occur.

"Criminals do not care if your IT budget is being cut this year," said VP Eric Aarrestad. "They have one goal in mind, which is to get at your data, customer information, or to gain access to your computers, servers, and network resources."

First, the Web has become battle front. No longer will sites that focus on pornography or gambling be the exclusive domain for malware, spyware, or other malicious applications, the company said. Users now face new threats from trusted domains and everyday Web sites as they become infected with SQL injections or corrupted by host drive-by downloads. WatchGuard predicts that automated attacks will proliferate as unwary users not expecting to see their favorite Web site as a potential threat.

Second, network administrators will see increased attacks via SSL and HTTPS, which used to be considered safe and secure.

Third, social networking sites will transform into new platforms for launching Web-based attacks, as well as for initiating new scams, phishing ploys, and other tricks geared to get personal identification information.

Fourth, botnets have become stealthy. According to the vendor, botmasters will unleash new, highly sophisticated botnets. They have figured out how to make bots extremely lucrative, and now their focus will shift to keeping bots active for longer and longer periods without being detected, the company said. Their goal will be botnets of quality, not quantity as botnets become ever increasingly lucrative.

Fifth, the company expects politicians to act in rewriting security and identity protection laws to address high-profile examples of data theft. The vendor also expects to see lawsuits cropping up over Internet privacy, malicious applications, unauthorized remote use of systems and IT resources, and data leakage, driving additional new legislation.

The company counts Durham District School Board in Ontario, Canada; Heritage Christian School in Kissimmee, FL; and Belton School District in Missouri as customers.