Georgia Tech report highlights threats in Web 2.0, botnets, messaging, mobile, and RFID, as well as countermeasures

Dark Reading Staff, Dark Reading

October 5, 2007

2 Min Read

In 2008, the number of user machines that become bot-infected will be one in 10 or greater, according to the Georgia Tech Information Security Center (GTISC), which earlier this week released a report on the main threats for next year.

Botnets, not surprisingly, are one of the top five threats the GTISC says will plague the Internet in '08. Tens of millions of computers -- about 10 percent of those connected to the Net -- are already acting as bots in botnets today, the GTISC says. And next year, botnets will not just be mainly spam and denial-of-service attack weapons, but also more for data theft and DNS abuse. And look for more botnets to move to peer-to-peer networks to evade detection, the report says.

“We’ll see a continued increase in the amount of fraud carried out by botnets in 2008, pushing the levels of users infected by a bot to 1 in 10 or greater. The entire IT community -- service providers, security vendors, websites and users -- all must play an active role in protecting from this evolving and expanding threat,” says Wenke Lee, associate professor of GTISC and the College of Computing at Georgia Tech, in the report, which was released in tandem with a GTISC-sponsored cybersecurity panel.

The other threats that will evolve and increase next year are Web 2.0 and client-side attacks; targeted messaging attacks; mobile attacks; and attacks on RFID systems, the GTISC says.

Among other things, the report proposes educating Web developers on secure coding techniques; adopting more behavior-based protection; enabling protection engines to understand JavaScript; and encouraging Website remediation and better content-filtering by browsers.

And the GTISC says mobile services providers next year will begin promoting more anti-malware solutions for mobile devices on their networks, and add firewalls and IPSes for tighter security. The GTISC also recommends more vulnerability research in the session initiation protocol (SIP) for voice-over-IP and mobile convergence applications.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

VPN other edge devices cybersecurity
Endpoint Security
Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTsOn the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
Kuala Lumpur, Malaysia, skyline against the harbor at sunrise
Cyber Risk
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity ProsLicensed to Bill? Nations Mandate Certification of Cybersecurity Pros
byRobert Lemos, Contributing Writer
Apr 23, 2024
4 Min Read
MITRE Corp's logo in blue
Endpoint Security
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti BugsMITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
byNate Nelson, Contributing Writer
Apr 22, 2024
3 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events