To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,39164971,00.htm

Security 2007: Data theft still the one to watch
Spear-phishing, IM and VoIP should also be on the watch list...

By Will Sturgeon

Published: Thursday 04 January 2007

Although data loss and theft dominated 2006's security headlines it seems people have not learned their lessons and similar problems are likely to plague 2007.

Jay Heiser, research VP at Gartner, said "professional outsiders and motivated insiders" will pose the greatest threat to companies during 2007 with both intent on stealing valuable data.

Heiser said: "For approximately five years, we've been experiencing a steady increase in the professionalisation of cyber crime," warning this trend is likely to continue to grow at a worrying rate as criminals within and outside the organisation tear strips off many companies.

Heiser said: "For many organisations, the biggest risk will be insiders, not outsiders. The fact is that a significant amount of proprietary and regulated data walks out the door everyday."

External attackers are also showing far greater targeting of specific corporate data and problems such as spear-phishing - highly targeted email frauds - are likely to increase according to Mikko Hypponen, CTO of F-Secure.

Hypponen also expects wi-fi to become more of a target for attackers during 2007 as users become increasingly unplugged and wireless internet access becomes ever more commonplace.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

MessageLabs is also warning of other emerging technologies which are now very much ready for the prime time – singling out instant messaging and VoIP as areas businesses need to be guarded about.

A MessageLabs advisory warned: "2007 will see VoIP become a prime target for phishing attacks whereby spoof phone calls are made to victims to extract their credit card details or steal their identity using third party software."

The growth of 'Trojan supermarkets' is also predicted by MessageLabs - in the form of online stores offering everything the modern cyber criminal should ever require at just a few hundred dollars.

F-Secure is also predicting that 2007 will finally become the year when its repeated warnings about mobile phone malware begin to come good.

However, Gartner's Heiser remains unconvinced: "If I were a cyber criminal I would craft stealth software that stole stuff from computers with valuable information. I don't have enough imagination to think of anything highly valuable to steal from a mobile phone."