The Georgia Tech Information Security Center (GTISC) is one of the country’s leading academic research centers focused on information security. In mid-October, GTISC held its annual summit on emerging security threats, bringing together information security experts from the public sector, private enterprise and academia. These experts released a report called "Emerging Cyber Threats Report for 2009", which discusses five specific trends that will drive threats and countermeasures in 2009. The five trends include: malware, botnets, cyberwarfare, threats to VoIP and mobile devices, and the evolving cybercrime economy.

According to experts at Kaspersky Lab, there will be a 10-fold increase in malware objects detected in 2008. In August 2008, a total of 28,940 different malicious and potentially unwanted programs were detected on users’ computers – a 38% increase over the previous month’s findings. The growth rate for malware is a sky-rocketing J curve.

There are two primary reasons behind the distribution of so much malware. The first is to steal data from individually infected machines, and the second is to take control of a broad range of machines to form a botnet that in turn distributes more malware as well as spam.

Increasingly, the purveyors of malware are turning to social engineering to get unsuspecting users to click on the links necessary to download the malicious payload. Shotgun blasts of phishing attacks are giving way to targeted messages that appear to come from a trusted source such as a friend or colleague. If you’ve ever needed a reason to block access to Facebook or YouTube at work, this may be it. The GTISC report cites a realistic example of how easy it is to spread malware via social networks:

“A Facebook message sent from one friend to another includes a link to a YouTube video of interest to the recipient. The recipient clicks on the link supposedly sent by his/her friend, and then sees a prompt to install the latest version of Flash Player in order to watch the video clip. The user clicks to install the update, but actually installs a piece of malware on the machine, effectively involving the computer in a botnet.”

Speaking of botnets, 2008 has been a year of growth, and the trend is expected to continue, according to the GTISC report. GTISC estimates that as many as 15% of online computers are unknowingly controlled by a malicious master – up from 10% just a year ago. Research from Kaspersky indicates that some of the largest botnets are comprised of corporate machines, often because it takes the average corporation two to three months to apply a security patch across all devices. The window of time when a machine goes unpatched leaves it open to known vulnerabilities.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.