McAfee's complete list of predictions for next year:
1. The number of password-stealing websites will increase using fake sign-in
pages for popular online services such as eBay.
2. The volume of spam, particularly bandwidth-eating image spam, will continue
3. The popularity of video sharing on the web makes it inevitable that hackers
will target MPEG files as a means to distribute malicious code.
4. Mobile phone attacks will become more prevalent as mobile devices become
'smarter' and more connected.
5. Adware will go mainstream following the increase in commercial Potentially
6. Identity theft and data loss will continue to be a public issue – at the
root of these crimes is often computer theft, loss of back-ups and compromised
7. The use of bots, computer programs that perform automated tasks, will increase
as a tool favoured by hackers.
8. Parasitic malware, or viruses that modify existing files on a disk, will
make a comeback.
9. The number of rootkits on 32-bit platforms will increase, but protection
and remediation capabilities will increase as well.
10. Vulnerabilities will continue to cause concern fuelled by the underground
market for vulnerabilities.
ISP's should hopefully take the lead in educating their customers about the potential
dangers of connecting via their networks. It won't happen but I long for the day
when ISP's become accountable for the damage that their customers cause. Only then
might they take note and take the action that would reduce the problems we see today
and will continue to see a rise of in 2007.
Mobile phone companies have the ability to use hardware to prevent or at least
reduce the effect of Viruses, only cost and the 'impact' on their profit margins
could deter them. Far too many companies see it as a 'non-value added process'
when it comes to investment in the infrastructure required to halt the spread of
For many years, most ISP's were quite happy to let the weaknesses in the OS's take
the majority of the blame when in fact it is the users that ultimately shoulder
the responsibility of ensuing the security of their machines.
If you sent an email to 1000 users with the subject of "This is a virus, do not
open and execute", you can bet that there will be a percentage that will still open
it and still run it.
If you sent the same virus but said "This is a free picture of a top celebrity doing
something they shouldn't" an even larger percentage will open it.
I've often seen the analogy of buying a new car and not being able to drive it
off the forecourt until you have proven you have the required insurance and qualifications
to be able to legally do so. Whereas I don't think there is a need for every
PC owner to sit an exam in order to be allowed to use the internet, ISP's should
ensure through regular education and updates the need for vigilance and caution
when using the network.
I would like to see the day when the ISP and/or user is held accountable for the
damage caused to my network because of the actions of the user. Maybe then
people will take due care when they know they can be held liable.