Cloud computing and reputable websites will see attacks next year.
Dan Hubbard, chief technology officer of Websense, claimed that 2009 will see an increase in the misuse of the cloud as well as content hosted on sites with ‘good' reputations.
He claimed that there will be more big name website compromises with regional attacks on popular websites in select properties, popular sporting sites, news sites, and continued placement of IFRAME's and other malicious redirection code within them.
Hubbard said: “In the case of sites that allow user-generated-content, the site owners need to research solutions that monitor and prevent bad code, links, and other content from being uploaded onto their site. In other cases they should have routine security assessments of their site and extensive monitoring.”
He also claimed that the threat will be augmented by several new web attack toolkits that allow attackers to discover sites that allow posts and/or have vulnerabilities.
Hubbard said that the market for attacker toolkits is thriving. “With greater demand we will see greater supply and better development. By better this usually means more stealthy, robust and harder to detect.”
He further claimed that more BOT's will add HTTP post functionality into their capabilities, which will be done via HTTP posts instead of HTTP gets, with the current most popular method which is IRC. This will have an impact on detection capabilities of security solutions.
He also claimed that virtualisation will be used to send spam or to launch more sophisticated attacks including hosting malicious code for downloads, uploading stats and testing malicious code.
Finally, following the shutdown of major botnets in 2008, Hubbard predicted that because these botnet groups have depended on only a few providers to host their C&C servers, they will distribute their servers as well as move to foreign hosting providers, making it harder for upstream providers, the internet community and law enforcement to find and shut them down.