The year 2004 bustled with serial computer virus outbreaks.
It also saw an increase in bot programs, spam and phishing incidence, as well as an increase in spyware and adware generation, indicating that most attacks are gearing towards that quest to cash in on every popular Internet application and device and every available security loophole.
Outdated forms and methods of attacks have been promptly replaced with newer, more effective methods that can ensure greater reach, effectiveness, and thus, larger profits.
Based on the general trend of malicious code and Internet-based attacks in 2004, Trend Micro has listed out the following forecasts for 2005, including corresponding mitigation requirements:
- Spam and phishing will continue to be a major concern causing e-mail glut, and will require better filtering services.
- Blended threats, which compromise and considerably drain network resources, will continue to hound Internet users. These threats generally follow an observed lifecycle and as such, mitigation of these types of attack strictly requires the management of each stage of the lifecycle-from inception to termination.
- Most malware programmes (as observed in most bot programmes in 2004) will continue to employ anti-antivirus and anti-security routines to ensure infection, requiring the use of system cleaning services to ease the impact on system security.
- The foreseen increase in the usage of Web traffic redirection and spoofing techniques will require more stringent surfing policies.
- Use of non-standard file types to circumvent attachment filters will demand better file type recognition.
- IRC (Internet Relay Chat) and P2P (Peer-to-Peer) communication will continue to be the weak security links requiring moderation policies.
- Time between vulnerability discovery and exploit release will continue to get shorter, requiring proactive assessment tools.