Businesses should brace themselves for dangerous variants on junk e-mail as spammers turn to sophisticated technology to evade detection and harvest e-mail addresses.
Spamming is big business, with perpetrators typically making between $5,000 and $10,000 for every one million unsolicited
e-mails they send out, Richard Ford, security expert with the Florida institute of Technology said at Compsec last week.
He predicted that spammers would turn to hacking techniques to harvest e-mails, or incorporate malicious code into spam messages designed to harvest e-mail addresses from corporate systems.
But Ford warned against governments rashly introducing laws to outlaw spamming. Hackers could spoof corporate e-mails and businesses could then find themselves caught up in damaging litigation, he warned.
Worms would become increasingly sophisticated and dangerous over the next two years, he said.
The Slammer worm infected an estimated 100,000 computers worldwide, equivalent to 0.1% of the internet, yet it slowed down internet traffic around the globe.
A "zero day" worm that exploited an unknown vulnerability could bring large sections of the internet to a halt, said Ford. It might only be a few years away, and would strike before businesses had a chance to work out how to patch their systems.
Ford also predicted that hackers would start attacking corporate intrusion detection systems.
He urged companies to start thinking about the vulnerabilities posed by new technologies such as radio frequency tags and the rapid spread of embedded networked systems.