Websense Predicts 2008's Top Ten Security Threats
THIS RELEASE HAS BEEN DISTRIBUTED BY WEBITPR
writeit:-
This release is available at:
http://www.webitpr.com/release_detail.asp?ReleaseID=7299
Websense Predicts 2008's Top Ten Security Threats
Olympics, Online Advertisements and Web 2.0 Threats Top Hacker's To-Do Lists
Chertsey - December 6, 2007 - Websense, Inc. (NASDAQ:WBSN) today issued its annual security predictions for 2008-with content-based threats topping the list.
Specifically, the Websense® Security Labs(tm) expects: the Olympics will spur a flurry of hacker activity such as compromises of popular Olympic news or other sports sites; hackers will leverage the increased
adoption of Macs and iPhones as new means for cross-platform Web attacks; special interest groups that fall within a certain age group, wealth bracket, or people with particular purchasing habits, will become
targets of Web 2.0 attacks; and spam will increase in the blogosphere and "talk back" sections of news sites to drive traffic and increase search engine rankings of infected Web sites.
"Looking at the current attack trends, cyber criminal techniques are evolving quickly and efficiently to not only evade detection, but to steal data and manipulate trusted content such as Web sites and applications," said Dan Hubbard, vice president of security research, Websense. "It's critical that organisations and individuals recognize that attackers are changing techniques and launching targeted attacks."
Websense Security Labs researchers gather threat intelligence with Websense ThreatSeeker(tm) technology which scans more than 600 million Web sites per week searching for malicious code, along with Websense's On Demand Services, which scans more than 350 million emails per week for email security threats. The Websense Security Labs research team, credited with finding several high-impact Web exploits and zero-days, sends out an average of 80 security updates per day, to protect more than 42 million employees from external and internal computer security threats.
Websense 2008 Security Threat Predictions
1. Olympics - new cyber
attacks, phishing and fraud
Event-based attacks and scams
are popular, and with the whole world watching, the 2008
Olympics may fuel a surge in cyberattacks. As the Olympic
torch burns, Websense researchers predict the possibility of
large scale denial-of-service (DoS) attacks on Beijing
Olympic-related sites as political statements and fraud
attempts through email and the Web surrounding the Olympics.
Additionally, Websense predicts compromises of popular
Olympic news or other sports sites -attacks designed to
install malicious code on end-users' machines and steal
personal or confidential business information.
2. Malicious SPAM invades blogs, search engines, forums
and Web sites
Websense predicts that hackers will
increasingly use Web spam to post URLs to malicious sites
within forums, blogs, in the commentary or "talk-back"
sections of news sites and on compromised Web sites. This
activity not only drives traffic to the infected Web sites
but also assists in the purveyor's site sitting higher on
search engine rankings, increasing the risk that users will
visit the site.
3. Attackers use Web's 'weakest links' to
launch attacks
The Web is an entanglement of links and
content. The advent of Web 2.0 additions such as Google
Adsense, mash-ups, widgets, and social networks along with
the massive amounts of Web advertisements linked to Web
pages have increased the likelihood of 'weak links'-or Web
sites and content that are vulnerable to compromises.
Websense predicts that attackers will increasingly exploit
the weakest links within the Web infrastructure in order to
target the greatest number of Internet users. Most
vulnerable to these attacks are search engines and large
user networks such as MySpace, Facebook or other social
networking sites.
4. Number of compromised Web sites will
surpass number of created malicious sites
The Web as an
attack vector has been steadily increasing for the last five
years and now attackers are using compromised sites as their
launching platforms-even more than their own created sites.
Compromising sites-particularly, sites well-visited by
end-users, such as the Dolphin Stadium attack that occurred
a few days prior to the 2007 Super Bowl XLI in Miami.,
provides attackers with built-in Web traffic and minimizes
the need for lures through email, instant messaging or Web
posts.
5. Cross-platform Web attacks - Mac, iPhone
popularity spurs increase
With the brand popularity and
growing use of iPhones and Macintosh computers, Websense
researchers predict attackers will increasingly launch
cross-platform Web attacks that detect the operating system
in use and serve up code specifically targeting that
operating system instead of attacks based on just the Web
browser. Operating systems that are targeted now include
Mac OSX, iPhone, and Windows.
6. Rise in targeted
Web 2.0 special interest attacks-hackers targeting specific
groups of people based on interests and profile
Web 2.0
has spawned a proliferation of Web users that visit chat
rooms, social networking sites, and special interest Web
sites such as travel sites, automotive, and more. These
sites provide attackers with potential victims that fall
within a certain age group, wealth bracket, or people with
particular purchasing habits. In 2008, Websense researchers
predict targeted attacks will rise toward specific social
networking or special interest sites that have a higher
probability of delivering a payoff.
7. Morphing
JavaScript to evade anti-virus scanners
Hackers are
upping the ante with evasion techniques that use
poly-morphic JavaScript (Polyscript) - which means that a
uniquely-coded Web page is served up for each visit by a
user to a malicious Web site. By changing the code every
visit, signature-based security scanning technologies have
difficulty detecting Web pages as malicious and hackers can
extend the length of time their malicious site evades
detection.
8. Data concealment methods increase in
sophistication
Websense predicts an increased use of
crypto-virology and sophistication in data concealment
including the use of stenography, embedding data within
standard protocols, and potentially within media files.
Toolkits widely available on the Web will be used to embed
proprietary information and steal data.
9. Global law
enforcement will crack down on key hacker groups and
individuals
In 2007, large-scale Internet-based attacks
garnered the attention of law enforcement officials around
the world. Websense anticipates that through the global
cooperation of enforcement agencies, in 2008 the biggest
crackdown and arrests of key members of a hacker group will
occur.
10. Vishing and voice spam will combine and
increase
The vast cell phone user population has grown
into a lucrative market to exploit with spamming and
"vishing" for financial gain. To date, researchers have seen
an increased number of vishing attacks but not a lot of
spam-or pro-active automated calling. In 2008 Websense
predicts that "vishing", or the practice of using social
engineering and Voice over IP (VoIP) to gain personal and
financial information and voice spam will combine and
increase-users will receive automated voice calls on LAN
lines with voice spam to lure them to input their
credentials through the telephone.
To subscribe to the latest threat research and alerts, please visit: www.websensesecuritylabs.com
About Websense,
Inc.
Websense, Inc. (NASDAQ: WBSN), protects more than 42
million employees from external and internal computer
security threats. Using a combination of preemptive
ThreatSeeker(tm) malicious content identification and
categorisation technology and information leak prevention
technology, Websense helps make computing safe and
productive. Distributed through its global network of
channel partners, Websense software helps organisations
block malicious code, prevent the loss of confidential
information and manage Internet and wireless access. For
more information, visit www.websense.com.
# # #
Websense and Websense Enterprise are registered trademarks of Websense, Inc. in the United States and certain international markets. Websense has numerous other unregistered trademarks in the United States and internationally. All other trademarks are the property of their respective owners.
This press release contains forward-looking statements that involve risks, uncertainties, assumptions and other factors which, if they do not materialize or prove correct, could cause Websense's results to differ materially from historical results or those expressed or implied by such forward-looking statements. All statements, other than statements of historical fact, are statements that could be deemed forward-looking statements, including statements containing the words "planned," "expects," "believes," "strategy," "opportunity," "anticipates" and similar words. These statements may include, among others, plans, strategies and objectives of management for future operations; any statements regarding future product offerings; statements of belief and any statements of assumptions underlying any of the foregoing. The potential risks and uncertainties which contribute to the uncertain nature of these statements include, among others, risks relating to execution of growth initiatives, customer acceptance of the company's services, products and fee structures; the success of Websense's brand development efforts; the volatile and competitive nature of the Internet industry; changes in domestic and international market conditions and the entry into and development of international markets for the company's products; risks relating to intellectual property ownership; and the other risks and uncertainties described in Websense's public filings with the Securities and Exchange Commission, available at http://www.sec.gov. Websense assumes no obligation to update any forward-looking statement to reflect events or circumstances arising after the date on which it was made.
Media Contacts:
Elinor
David
elinor.david@harvard.co.uk
0208 5646310
Atila
Moatazed-Keyvany
Atila.moatazed-keyvany@harvard.co.uk
0208
5646304
Releases from webitpr are available via
RSS:
http://www.webitpr.com/rss/feeds.asp
writeit:-
This release is available at:
http://www.webitpr.com/release_detail.asp?ReleaseID=7299
Title: Websense Predicts 2008's Top Ten
Security
Threats
Re: Websense
Date: 06/12/2007
WebitPR (www.webitpr.com) has distributed this release on behalf of Harvard PR. Please contact Elinor David, on +44 208 5646310 or email elinor.david@harvard.co.uk, if you have any questions or enquiries regarding the release.
WebitPR aims to provide a targeted distribution to our clients and editorial contacts. If you wish to be removed from our database, please email us at enquiries@webitpr.com, or reply to this release email.
If you feel that the releases you have received from us have not matched the industry or geographical topics you cover, please email us so that we can make the relevant corrections on our database. We endeavour to provide editorials contacts only with those releases that are of interest.
Kind Regards
Jonathan Dolby
Managing Director
WebitPR
Disclaimer:
Whilst WebitPR Ltd endeavour to ensure the accuracy of the information contained in this Release, WebitPR Ltd cannot accept any liability for:-
* the inaccuracy
or otherwise of any information contained in this Release;
or
* any loss liability or expense which may be
suffered by any party in consequence of acting or omitting
to act as a result of any information contained in or
omitted from this Release; or
* any loss or
suffering which may be caused by or to any party either as a
result of the information contained in this Release or
such information contained in this Release being
inaccurate or otherwise misleading.
In the event that any information contained in this Release is inaccurate or misleading then please contact WebitPR at the above e-mail address.
ends