Kaspersky Lab, a leading developer of secure content management solutions, presents its outlook for the computer security industry in 2009. The company’s top experts have prepared a brief report outlining what they see as the key trends affecting IT threats and IT security software in the coming year.
PCs and the Internet are now an inseparable part of our everyday life and the data stored on them have become valuable assets. At the same time, the number of malicious programs and their modifications as well as the rate at which they are distributed continues to grow rapidly. According to the Kaspersky Lab analysts, this makes proactive protection of computer systems even more important.
The specialists at Kaspersky Lab pointed to several major IT threats that users are likely to contend with in 2009. One of the main developments is the infection of computers via removable storage media such as USB flash drives, CDs and DVDs. Recent mass infections of PCs have been caused by malicious programs that automatically launch from such media, often because users are unaware of the risks attached to them.
Surfing the web is second on the list of prime threats. Kaspersky Lab experts have noted a sharp increase in the number of Internet sites infected with malicious code. Between one in every 50 to one in every 300 sites is currently infected, according to various sources – in 2006, those figures were 10 times less. This is the result of virus writers mastering techniques that enable malicious programs to be modified every time they are downloaded from a site. Another development has seen greater use of popular Internet sites that are trusted by users to spread malware. We estimate that more than half of all malicious programs will be placed on such sites in 2009.
The Internet is witnessing rapid growth in financial and banking services that enable clients to make e-payments, manage their bank accounts or exchange currency online, etc. Of course, this attracts the attention of cybercriminals, and the experts at Kaspersky Lab see Internet fraud such as phishing and the theft of bank card details becoming even more widespread in 2009.
As more and more children and teenagers gain access to the Internet particular attention needs to be paid to the protection of minors on the Internet, since the very real problems of pedophilia and pornography are as prevalent as ever. This merely adds to the importance of parental control systems that enable dangerous or undesired content to be filtered.
In 2008, Kaspersky Lab experts also noted an increase in hacker and virus attacks utilizing hi-tech malicious programs whose detection and treatment required cutting-edge technology. In the near future, this is likely to add to the competition between antivirus vendors, putting so much pressure on them that only the most professional companies will be able to survive.
In the past, the majority of malicious programs were designed to attack computer systems that were not protected by antivirus solutions. Now, virus writers have changed tack and the analysts at Kaspersky Lab believe more and more malware will incorporate technologies that combat detection and deletion from computer systems. The number of malicious programs specifically designed to bypass certain types of filters are expected to grow.
Virus writers will continue to exploit vulnerabilities in operating systems and popular applications, a factor that will be especially relevant considering the release of Microsoft Windows 7 in 2009. The growing popularity of “alternatives” to Windows, such as MacOS and Linux, will inevitably lead to an increase in the number of malicious programs attacking those operating systems as well.
The authors of the review also foresee a proliferation of fake antivirus programs that “detect” nonexistent threats and extort money from users in order to “treat” them.
In order to combat the threats outlined above, Kaspersky Lab’s experts believe antivirus vendors will make greater use of the latest protection techniques based on proactive technologies, reputation services such as online requests to centralized databases, restricted access rights when downloading applications, security update management systems and lists of trusted applications. These methods will supplement the traditional signature-based approach to antivirus protection, but they are still incapable of replacing it completely.