Rootkits, spam and phishers: CA predicts more sophisticated attacks in 2007

Islandia (NY) - The cat and mouse chase between security software vendors and malware developers and distributors is going to continue in 2007. The bad guys have adapted to the security advancements of 2006 and crafted new strategies to attack vulnerable computers. CA has outlined a list of likely threats for this year.

"Malware writers continue to blur the line between trojans, worms, viruses and spyware," said Brian Grayek, vice president of malicious content research for CA, in a statement distributed yesterday. "Spyware distributors have adopted the stealth techniques of virus and worm authors, and can now adapt quickly to uncover and exploit the slightest vulnerability."

CA's outlook lists seven likely threat trends for 2007, some of which savvy Internet users are already used to and some of which most Internet users have not seen in the past. Not surprisingly, CA expects blended threats, a strategy that uses a combination of attacks or malware, to evolve into "multi-phased" exploits to hit computers on the Internet. The same goes for spam, which is expected to increase in 2007, along with more focus on browser and other software exploits as well as typo-squatting (linking easily mistyped domains to malicious sites), which will become more prevalent, according to CA.

New trends are expected in phishing, where the company expects social engineering tactics to become more convincing and more effectively targeted at the knowledgeable user. Fake phishing emails with subjects such as "to verify your account" will be replaced by more clever attempts, such as worms disguised as "mail failure" notices, the company said.

Also, CA expects targeted attacks to be more visible in 2007, including malware sabotage as well as the increasingly popular use of ransomware to "kidnap" a user's data until the user is willing to pay for its release. The term "rootkit" has become famous with Sony's idea to install a rootkit-like technology on its audio CDs; however, kernel rootkits could evolve into a more serious threat down the road, CA says. Kernel rootkits add code or replace a portion of kernel code with modified code to hide a backdoor and malicious activity.