'Content-based web attacks to top security threats in 2008'

By siliconindia   |   Thursday, 13 December 2007, 02:53 IST
Printer Print Email Email
Coimbatore: Websense Security Labs, a firm that investigates threats to Internet security, is anticipating content based web attacks to top the list of threats in 2008. The other threats being cross-platform web attacks, special interest attack targeted at specific groups, morphing of Java script and the like, reported Business Line. In its annual security predictions for 2008, Websense has said that the Olympics would spark an outbreak of hacker activity such as compromises of popular Olympic news or other sports sites. Websense researchers envision the possibility of large scale denial-of-service (DoS) attacks on Beijing Olympic related sites and fraud attempts through email and the web surrounding the Olympics. The lab has also predicted, "Hackers would leverage the increased adoption of Macs and iPhones as new means for cross-platform web attacks. Special interest groups falling within a certain age group, wealth bracket or people with particular purchasing habits would become targets of web 2.0 attacks and spam would increase in the blogosphere and 'talk back' sections of new sites to drive traffic and increase search engine rankings of infected web sites." According to Websense, the attackers would increasingly exploit the weakest links within the web infrastructure to target the greatest number of Internet users. The most vulnerable to these attacks are search engines and large user networks such as MySpace or other social networking sites as they have a higher probability of delivering a payoff. The lab is anticipating the number of compromised websites to surpass the number of created malicious sites as the web, as an attack vector, has been increasing steadily over the last five years. With hackers upping the ante with evasion techniques by changing the code every time a user visits the malicious site, signature-based security scanning technologies have difficulty in detecting the web page as malicious. Websense is expecting a crack down on key hacker groups and individuals by global law enforcement agencies and arrest of key members of a hacker group in 2008. The research team sends close to 80 security updates every day to protect its employees from external and internal computer security threats.