Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: 2006 Predictions - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
2006 Predictions

 On December 27th I asked for predictions for 2006.  Here is what we got.  Many thanks to all of you that responded.  Now let's see how close these guys are.

From Dan:

You asked for them...

 Below is a list of some of the topics we may be seeing in the New Year:

*Web-born worms

 Not a lot of these around yet. Myspace and some other online sites were infected, but with the mass amounts of exploits for Web scripting languages and un-patched machines this is bound to happen.

 * RSS malcode

 Great technology. As more browsers embed this and include exploits,  the frequent / unattended nature of RSS will be used to infect.

* Trojans outpace worms

 We already are starting to see this. New Trojans and variants of Trojans are coming out daily in volume.

 * Voice-over-IP Phishing (Vishing )

 Somebody had to come up with another name :-). Using Voice over the Internet could introduce another means to deceive unsuspecting users to do something they should not be.

 * Toxic Blogs

 Yes, blogs are everywhere. Including here. Fact is that most of them do not check for scrupulous scripting, scan their file posts, and allow active content in posts.

 * Xbot 360

 The Xbox connecting over the Internet for updates and other things leads me to believe that this will simply be another way for attackers to use your PC and your connection at home for their own purposes.

 * Cross Site scripting attacks

 High-profile ecommerce and financial websites have had (and will have cross site scripting vulnerabilities). Attackers will leverage these for Phishing , Trojan Downloader's and for other nefarios reasons more frequently.

From Jeremy:

I believe that one of the biggest threats are going to be insecure databases.   The proof of concept database worm that was released about a month or so ago is just the very beginning of what we will see over the next year+.  To me this is a very real problem as I have audited environments where there was a huge focus on securing hosts and servers, but zero or minimal focus on securing the database.

From Jim:

My 2006 predictions/paranoid phobias:

  1. "Zero-Day" exploits that are discovered and exploited by The Bad Guys, with no one being the wiser until it is far, far too late; 2. Tightly-targeted malware (currently being used) that, once it gleans information from financial institutions, allows the attacker(s) to then completely trash the entire information store - causing panic/chaos (if only for the targeted company(s); 3. Hackers taking the Fed's recent announcement that "the Internet is not vulnerable to widespread attack" as a personal challenge.
Again - thanks to the contributers.

272 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!