Ten threat predictions for 2008

It is that time of year again. Time to publish my predictions for 2008.

ThreatChaos Predictions for 2008

1. Facebook widgets will be used to distribute malware. Facebook, the hugely popular social networking site with millions of users has recently introduced the ability of users to create and publish small applications, widgets. These applications could be for just about anything. I have seen one that asks you to compare your friends in a “hot or not” like manner. Another, a simple game, is a blatant rip-off of Scrabble. Facebook hosts these applications and makes it possible for users to share and interact with them. In 2008 we will see attempts to exploit Facebook through these widgets. It could be through a vulnerability in an existing application that could for instance allow the download of a malicious Trojan. Or, it could be a new application deployed to steal information or infect visitors’ computers.

2. Google’s just announced OpenSocial is an attempt to break the strangle hold that MySpace, Facebook, and LinkedIn are attempting to establish with their user bases. OpenSocial is a set of tools meant to allow developers to create social network applications that can cross the boundaries of proprietary systems. Imagine a mash-up between your Linkedin network and your Salesforce.com database. While OpenSocial promises great rewards in increased networking functionality it opens up risks for exploitation. In 2008 we will see the first attempts to exploit Open Social tools to hack social networks.

3. Salesforce.com AppStore will be involved in a data loss incident. In 2007 we saw the first targeting of Salesforce.com (SFDC) through phishing attacks. Once a user’s credentials where stolen they were used to gain access to their database of contacts who were then spammed. Imagine the power of a SFDC application that is maliciously used to steal information from those who use it. I predict that 2008 will be the year that SFDM applications will be exploited for nefarious purposes.

4. China will continue to have its way with other nation’s critical information. In 2007 we learned that attacks emanating from the Chinese military had penetrated the German Chancellery, England’s Whitehall and the Pentagon. 2008 will see a continuance of China’s attacks on Western governments and industry. More penetrations of government agencies will be uncovered and publicized.

5. Ex-Soviet states will continue to snipe at each other using the weapons of cyber-extortionists: Distributed Denial of Service Attacks, the tactical nukes of the digital era. In May of 2007 a political dispute over a war memorial in Estonia escalated to a full fledged cyber attack against Estonia encouraged by the Putin regime. I predict that Russia will continue to use their newfound ability to use cyber extortionists’ tools to impose their political will on break away states.

6. Cyber crime will get up close and personal. Targeting will become the most profitable means of attack for the cyber criminal. In 2007 Igor Klopov, a 24 year old Russian, used the Forbes list of wealthiest Americans to choose a target billionaire in Texas. More companies and individuals will find themselves the targets of hackers in 2008.

7. Financial markets will be disrupted by increasingly elaborate schemes: pump and dump combined with DDoS for instance. One scenario that could play out: Hackers use phishing attacks to gain access to online brokerage accounts. They liquidate the victim’s stock portfolio and buy short positions in some other stock. They then execute a massive denial of service attack against the company behind that stock and redeem their positions when the stock tumbles.

8. The world learns what the Storm Trojan is for. The Storm Trojan is one of the most sophisticated pieces of malware ever. It has defensive abilities that are used to try to shut down researchers. To date it has not been used but its huge distribution, possibly more than 50 million instances, could be a one of the most disruptive weapons ever deployed on the Internet. In 2008 we will learn just what the Storm Trojan is meant to do.

9. Terrorist organizations bring out DDoS as a weapon against e-commerce and media sites that choose to display images of Mohamed. This actually first occurred in December 2006 but the site involved chose not to publicize the incident. Imagine what would happen if a site started selling plush toys bearing the names of various prophets? Watch for it in 2008.

10. Game console exploits will be transmitted over the Internet, the Wii in particular. The game console industry is tremendously competitive. One of their biggest opportunities is in networking games between consoles. Network access means exposure to network attacks. That coupled with the wide ownership of game consoles by hackers and you have an easy prediction for 2008. Vulnerabilities in game consoles will be exploited to spread malware.

-Richard Stiennon

Disclaimer: These predictions are my personal opinions. They in no way reflect the opinions of my employer or ZDNET.