Forecast 2006: Hackers May Hit Mobile Devices, Cisco Routers, Microsoft Vista
Malware has thrived on PCs and servers, but Symantec expects hackers to go after new types of devices, such as routers, switches, and back-up systems, in the coming year.
Mobile devices, Cisco routers, Oracle software, VoIP: businesses can expect all these and more to become hacker targets in the next year and beyond, according to Symantec. Oh, and don't forget Windows Vista, Microsoft's next-generation operating system. They're all places that the financially-motivated new generation of hackers might look to exploit.
Frequent Microsoft security patches, SANS Institute studies and worm attacks suggest the next generation of Windows should be prime meat, yet on this topic Symantec treads lightly. "We'll see an intense amount of focus when those things come out," says Dave Cole, director of Symantec Security Response. "But the amount of continual focus on them will depend on the amount of blood in the water."
Meanwhile, Symantec thinks one of the biggest developments will be attacks and attempts on alternative devices and platforms. As networked and user devices gain more intelligence and more computing power, they may become targets. "We're seeing a shift in emphasis over to non-PCs: your router, your switch, your back-up device," Cole says. "It's like whack-a-mole. You hit one and another pops up. We've now got to make sure the entire infrastructure is protected."
Although there haven't been any widespread attacks, cell phones and mobile devices will become more ripe for hacking as software becomes interoperable and financial data climbs onto their hard drives and networks. However, even though voice-over-IP is expected to boom in the coming year, it isn't an easy target, Cole says. Still, Symantec has seen "a heavy amount of scrutiny" on endpoint applications associated with VoIP.
Hackers also will continue their shift toward targeted attacks, Cole says. Symantec labs are seeing a shift toward financial motivation and an acceleration of bot attacks that turn systems into agents for malware. And new laws and regulations may make adware and spyware much less pervasive.
But even in more traditional, non-targeted attacks, Symantec thinks malicious code will increasingly find new paths of attack such as Websites " whose entry fields are already subject to code insertion " and instant messaging programs. Look out too for the year of the rootkit, a pickle that's sent Sony flailing in the last month. Wherever the money is, that's where attackers will play, Cole says. "They're going to go after the easiest way possible to gain a buck."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.