The "cloud" will increasingly be used for malicious purposes in
2009, according to a report by security firm
Websense.
Global enterprises must rethink their approaches to web, data
and messaging security, the State of Internet Security report
said.
The report also predicts an increased use of
Rich Internet Applications (RIAs) such as Flash for malicious
purposes.
With an explosion of demand for applications using these RIA
technologies, security is an afterthought, opening up the door for
cybercriminals, the report said.
Attackers will increasingly take advantage of the programmable
web where open
application programming interfaces (APIs) allow websites to
share functionality.
Web APIs are being released at a record rate, leaving little
time for testing and requiring a level of trust between users, the
report said.
Websense predicts the coming year will see a rise in the
malicious use of some web service APIs to exploit trust and steal
user credentials and other information.
The rise in the number and popularity of websites that allow
user-generated content will make these sites attractive targets to
cybercriminals.
This will lead to a significant rise in malicious content in
blogs, forums and social networking sites, the report said.
Cybercriminals are expected to move to a more distributed way of
controlling and hosting malcode after two main criminal hosting
companies were shut down in 2008.
Shutting down the web hosting companies
McColo and Intercage/Atrivo had a significant effect on
spam.
Websense expects cybercriminals to distribute their servers and
move to non-US hosting providers in 2009 to make it more difficult
to track them down.
Based on the increased use of legitimate websites to host
malicious code in 2008, this trend is expected to continue.
In 2009, more than 80% of all malicious content will be hosted
on sites with good reputations, the report said.