The beefed-up online crime cooperative will buy, sell, and trade ready-made cyberattack toolkits and exploits using zero-day vulnerabilities, predict analysts at Websense, a Web security company. They also expect Web 2.0 security issues to escalate in the coming year.
"Organized criminals are realizing that the Internet has been a largely untapped resource in terms of generating real profit, until now," said Dan Hubbard, VP of security research at Websense, in a written statement. "With financial gain on the table, attack methods are improving, and the number of people involved is escalating. Tools and exploits to steal personal, business, and financial information are the hottest commodities for cyber criminals."
In 2006, cybercrime and the evolution of new cybercriminals were on the rise. Websense predicts that this trend will only increase in the new year, as hackers and organized crime increasingly work together, become more organized, and target their attacks. Because of this, the market for zero-day attack code will become more competitive, and it will drive the number of zero-day attacks and heighten attacks on both clients and servers.
Web 2.0 sites such as MySpace and Wikipedia, which make up an estimated 80% of the top 20 most visited Web sites, are a growing phenomenon and increasingly attractive to cybercriminals. Websense analysts report that Web 2.0 sites, which include social networking sites, are particularly vulnerable to attack because of the constantly changing nature of their content, which is difficult to monitor and secure.
The large population of users and the ability to link users through profiles and networks will lead to more security issues within these communities, the security company reported in its written statement. Social networks aren't the only targets. According to Websense, business networks are just as vulnerable.