Hi, Mark. 

I'll go with "or just what".   

Seriously, although still an ongoing problem, education has made significant leeway in reducing phishing attempts.  Improved spam filters have also helped reduce phishing attempts.

Fake antivirus programs (rogues) became prominent around 2005 (remember names like SpyAxe and SpySheriff from the "SmitFraud" family?).  Since then there have been hundreds of rogues, many malware writers merely re-naming the previous iteration and missing changes to the GUI (graphic user interface) that presents the fake, "your computer is infected" warning. I've noticed a decided decline in rogues since around May of this year.  Rogues remain a serious problem.  However, when new rogues were showing up daily, it was more difficult for security programs to keep up with updated definitions to detect them. 

Fake antivirus programs can also be classified as trojan downloaders (downloading malicious files from a remote server followed by installing and executing the files).   Many of the recent variants have taken on a more serious aspect, aften including a rootkit component.

Tip:  If you ever run into one of the fake/rogue antivirus programs, do not click anywhere on the window -- this includes Cancel or the X to close.  Instead, use the keyboard shortcut Alt+F4 until all windows are closed.  Follow with an updated antivirus/anti-malware scan.  

So, after the above discourse, what do I think is the biggest threat today?  Java and Flash exploits. 

Now, let's see what the other panelists think. 

Hello,

For me I think FakeAV will continue to be one of the security vendors' headaches -- just like spam.  The bad guys earn tremendous amount of money with this technique so I don't think they will stop anytime soon.

For the "emerging threat" I think it will be threats for mobie devices since almost all new gadgets can now be connected to the Internet -- which makes it more vulnerable to attacks.

Regards,
Cyrus

Hello,

Corrine, PCBruiser and CyrusR had some excellent answers about the biggest threats today, so I am not sure how much more I can add, but let's see:

1. As operating systems and applications become more secure, criminals are going to target victims through social engineering mechanisms.  There are many different ways to do this and they occur in many different forms.  Because the industry has done a great job of explaining the threat posed by malware, Fake AV programs, rely on exploiting that aware and tricking the user into purchasing something which has no benefit.  Phishing scams request personal and/or private information, trying to convince users to part with information that can be used to steal their identify, or access the various online accounts used for email, banking, gaming and so forth.  Quite a few people do not realize their web-based email service may keep an archive of all their messages.  That includes messages from banks, credit card companies, online stores and other services which may allow a criminal to siphon funds or purchase items using your money.  On social networking sites like Facebook this can be amplified, as people have a higher level of trust for messages coming from friends.
   
   
2. On the malware side, the problem continues unabated.  What twenty years ago ranged from pranksterism to damaging behavior has become a burgeoning black market industry with multiple layers of specialization as well as cross-connections with other organized crime.  Malware is so economically focused now that it is cause for news when a particular threat doe not have any financial motivation behind it.  Criminals can make a lot more money with a lot less risk by using keyloggers to steal bank account passwords than robbing a branch. 

As far as specific technologies go, let's see what I can come up:

1. I expect we are going to see more malware targeting 64-bit operating systems as that's the direction the industry is moving in on desktops and even notebooks. While quite a bit of 32-bit malware works just fine under 64-bit versions of Microsoft Windows [just like other 32-bit apps, after all], the 64-bit versions of Windows have some additional safeguards in them to prevent special types of programs like device drivers which interface with the system at a lower level and have greater privileges from running without a valid digital certificate.  Therefore, I expect to see more components like bootkits be deployed, which are intended to bypass these protections in the operating system.
   
   
2. The trend in using encryption to secure web connections and to digitally sign programs in order to allow them to run means that criminals are going to target the certificates, used to safeguard those connections and files, as well as the folks who own those certificates and those who create them. "If everyone starts locking their doors we'll just start stealing keys." seems to be the response, although targeting certificate authorities (the organizations responsible for issuing digital certificates) is a bit more like going after the company which makes the blank keys and key-cutting equipment.
   
   
3. In addition to malicious software such bots, worms, Trojans and even venerable computer viruses, we are going to see more "grey areas" as well. 
   
   This includes applications which is potentially a threat because they can make changes to a systems that undermine their safety, security and reliability; spy on user activity; make exaggerated, unsupported and unverifiable claims about their effectiveness; are distributed through pay-per-install commission scams; repackage orphaned software and re-sell it, introduce advertisments, toolbars and other unwanted software; change web browser settings and so forth. 
   
   ESET, like many other vendors, breaks these down into two broad categories, Potentially Unwanted Applications and Potetentially Unsafe Applications (both abbreviated PUA, unfortunately)  with the former lending themselves to deceptive practices while the latter being tools with legitimate uses that are being misused.  Other vendors may use classifications such as adware, crapware, fraudtools, hacktools, pests, potentially unwanted programs, riskware, spyware, trackware and forth.  I wrote a white paper leat year called Problematic, Unolved and Argumentative [PDF, 983KB] on this, and am in the process of revising, since so much has changed since then.

Hopefully, I have answered your question without trivializing or overexagerrating things too much.  The general trend I have seen over the past decades is one of things getting worse, but there are a few spots of brightness.  Both the US Government and Microsoft has had some success is shutting down botnets and fraudulent web sites this year, and journalist Brian Krebs is amongst the people doing some great research into the underpinnings of the criminal ecosystem, so I think there is some hope that things will improve in time.

Regards,

Aryeh Goretsky

---

I am a volunteer and neither a Lenovo nor a Microsoft employee. • Dexter is a good dog • Dexter je dobrý pes
X220 (4286-CTO) • W510 (4318-CTO) • X120e (0596-CTO) • T61p (6459-CTO) • T43p (2678-H7U) • T42 (2378-R4U) • T23 (2648-LU7)
  Deutsche Community   Comunidad en Español