Computer Crime Research Center


Computer crime: Top threats in 2007

Date: January 03, 2007
By: Nestor E. Arellano

What kinds of security attacks should you worry about in 2007? Will companies that adopt environmentally friendly processes find greener pastures? Will enterprises look overseas for people to manage their IT assets? How will deregulation affect the Canadian telecom industry?

IT World Canada asked several industry experts for their take on these and other issues. And here’s what they had to say.

Right on target

The closing year saw a remarkable slow down in worm attacks and widespread malware assaults, according to Internet and mobile security services provider F-Secure Corp. based in Helsinki, Finland.

The firm says in 2007 we’re likely to witness an increase in targeted attacks against organizations, with backdoors, booby trapped documents and rootkits.

A 'backdoor" is a method of bypassing normal authentication, or of securing remote access to a computer, while attempting to remain hidden from casual inspection. The backdoor may take the form of an installed program, or could be a modification to a legitimate program.

"Instead of transmitting millions of e-mails with infected attachments, attackers are sending as few as five infected e-mails to a single target," said Mikko Hypponen, chief research officer at F-Secure.

In this scenario, he said, hackers use a cloaking device such as a rootkit to conceal a backdoor and extract valuable information from the target company. The forged e-mails may include booby-trapped Microsoft Office documents, or Excel spreadsheet files that appear to come from a legitimate source or even the company itself.

Hypponen also warns of an increase in phishing scams and the use of bogus domain names.

"Obviously phishing works since the attacks continue to build in force and complexity," he said.

Crafty social engineering schemes and counterfeit but well-constructed Web sites or phishing e-mails will separate the unwary from their money or private information, according to industry observers. Scam artistes, increasingly, are deploying sites with a lifespan of just an hour, to entice users and then disappear.

PayPal and EBay continue to be the most targeted outfits by phishers, but some German banks are also becoming popular targets, said F-Secure.

Some sites deploy bogus login boxes that ask users to type in valid PayPal user names, passwords and credit card numbers.

Despite the growing threat, a recent survey found a large number of Canadian companies have limited or no security training for their employees.

Power shift

Our apologies to Kermit the Frog, but IT insiders say vendors are increasingly finding out that being green can help them remain in the black.

This awareness has triggered a growing concern about the cost of maintaining IT assets such as data centres, with a power efficiency as low as 70 per cent, according to Mike Thompson, director, business practices management at research firm Butler Group in London.

Anything affecting the bottom line is a matter of concern and that goes for power consumption by IT resources, according to George Bulat, director of data driven products at IDC Canada Ltd. in Toronto.

He said companies are devising various strategies to lower power cost to cut overall energy bills. These include adoption of energy efficient processes that benefit the environment and conserve valuable resources.

Bulat predicts more companies will be employing server-based computing and virtualization to save energy by shifting power consumption from the office to the machine room these computing models lower the cost of managing IT services and reduce energy bills. "Blade servers and virtualization reduce the number of physical machines that consume energy."

More vendors will be touting manufacturing and recycling processes that are kinder to Mother Earth.

For one, the Restriction on Hazardous Substances (RoHS) directive took effect earlier this year in Europe. The directive bans companies from selling on the EU market electronic equipment containing more than agreed levels of several toxic substances such as lead and mercury. Several U.S. states and Canadian provinces have either set up or are at work on their own RoHS flavours. "This is the start of a new way of manufacturing," says Joe Cala, director of operations for global RoHS compliance at Celestica Inc. in Toronto.

Some companies such as Hewlett-Packard Inc. (HP) intend to reduce toxic emissions from their facilities, as well as used products sent to landfills, said Frances Edmonds, director, environmental programs at HP Canada. She said HP has a program to reduce plant emissions by 15 per cent by 2010, and aims to recycle as much as 1 billion lbs. of hardware and supplies in 2007.

"One of the strongest drivers for greening IT is customer demand and enterprise savings," said Edmonds.

Researchers recently discovered a novel way of saving energy – the "off button"! The province of British Columbia, for instance, can save as much as $30 million a year in electricity costs if business and home users turned off their computers when not in use, according to David Rogers, technology and project management specialist with BC Hydro.

We are the world

Collaboration will stake its claim as a business production application in 2007. "Workers are finding a lot of reasons not only to share information but also to work together on certain applications," said Carmi Levy, senior research analyst, Info-Tech Research Group Inc. in London, Ont.

Among collaborative apps, Microsoft's SharePoint continues to be a leader but there are other notable players such as IBM's WebSphere and Groove Network Inc's. Groove.

Meanwhile expect to see start-ups such as ConceptShare tackle more intriguing applications around the notion of collaboration. The Subdury, Ont-based company recently unveiled a product that helps the likes of designers, artists, marketing executives and clients share and work on complex materials such as posters and other art materials. "In 2007 we will see greater adoption of collaborative tools and their eventual evolution into built-in features of end-user products," said Levy.

Computing without borders

In 2007 organizations will continue to resort to outsourcing but expect more companies to allocate projects to multiple vendors rather than a single supplier.

"As existing deals reach their renewal stage, companies will gravitate towards agreements of shorter duration with a greater number of outsourcing suppliers," said Alan Rodgers, research analyst, Butler Group. He said the key advantages of this strategy are flexibility, speed in implementing changes and risk avoidance. "By splitting work among numerous suppliers, companies can reduce the risk in case something goes wrong with one outsourcer."

Rodger also sees enterprises cutting spiraling data centre costs by using remote infrastructure management strategies. He said companies will increasingly transfer tasks such as network management, application development and maintenance, and business processes development to offshore locations.

India will continue to be among the bigger players in the outsourcing market as it maintains a hold of over 50 per cent of outsourced assignments, but other countries in South America, Africa and Asia are carving out their own territory, according to Rodger.

Compliance and BI

Analysts foresee compliance becoming a strong driver for the development of business intelligence (BI) tools that provide greater transparency and reporting.

"We will see the emergence of pre-packaged applications for monitoring corporate performance as measured against industry directives such as the Market in Financial Industry Directive that will take effect in the European Union in 2007," said Sarah Burnett, senior research analyst, Butler Group.

Companies will look to extend that visibility to operations they have outsourced, said Tom Eid, research vice-president at Gartner Inc. in Stamford, Conn.

When it comes to big ticket IT expenditures, large enterprises will be putting service-oriented architecture (SOA) adoption at the top of their to-do list, according to industry analysts.

"SOA vendors will have a strong year in 2007," according to Josh Greenbaum, principal of Enterprise Application Consulting in Berkley, Calif. Greenbaum did not provide any numbers but said he foresees a growing trend towards SOA deployment driven by "low implementation costs and high return of investment (ROI)."

He agrees with Burnett that compliance-driven specific reporting tools with be in demand in the coming year. "Customers will be looking for applications that monitor performance against specific industry requirements."

"Leaders in this space will be IBM, SAP, Microsoft and Oracle," said Greenbaum.

Large companies are also planning to purchase new BI software and upgrade existing enterprise resource planning (ERP) software, according to Forrester Research Inc. in Cambridge, Mass. A Forrester survey of 1,078 IT decision makers found as many as 13 per cent plan to purchase new BI software.

"ERP will remain the top upgrade, while messaging, e-mail and collaboration software will lead the pack in minor upgrades," according to Forrester.

Virtualization brings real benefits

Virtualization will continue to gain momentum in 2007 but the trend leans towards products that enable the management of...
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2007-12-09 15:33:53 - hay mohammadi fach moradi rachid
2007-11-03 07:59:19 - The Internet Security is a major issue... Haitham
2007-09-14 14:12:38 - i like this website. tantisha
2007-09-13 11:46:57 - i indeed learned from this site Its... Jenson Joseph
2007-08-11 06:39:08 - In casablanca exist a gang using a... Alami mehdi
2007-06-05 19:39:34 - review top threats in 2007 Katharine Bostick
2007-05-08 00:41:52 - the Internet users in Major Countries of... H R MEENA
2007-05-08 00:36:19 - pls publish this article on cyber crime... H R MEENA
2007-05-08 00:28:56 - if any top threats related to credit cards... H R MEENA
2007-02-26 03:13:05 - The information I found here was rather... uomo
Total 11 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo