Hackers to exploit economic downturn in 2009

Cyber criminals are likely to exploit the worsening financial crisis with increasing regularity and ingenuity during 2009, threatening businesses and individuals alike, according to new research by security firm McAfee released today.

At a time when many people are on the lookout for extra money, McAfee's 2009 Threat Predictions (PDF) report highlighted an expected rise in phishing scams designed to part consumers with their cash, and a surge in 'mule' recruitment sites targeted at naïve web users.

The study also warned of hackers moving attack-generating tools to the cloud, making it more difficult to reverse-engineer the threats.

"For the attacks to work they need to be natively running on the internet, which is a challenge for us trying to create [an antidote] in the lab," said McAfee security analyst Greg Day.

"We are also seeing threats becoming far more savvy than in recent years. When you couple this with volumes, they are keeping us very busy."

2009 could also see a return to "old-school parasitic infectors", this time using infected USB sticks rather than floppy disks, and the use of fast-flux techniques which involve malicious sites using several IP addresses to avoid detection.

Stuart Okin, former Microsoft security advisor and now managing director of security consultancy Comsec, agreed that the economic situation is likely to increase the number of incidents, but highlighted the insider threat as the most dangerous.

"The current climate as people are laid off, combined with organised crime putting pressure on individuals, is the single most dangerous thing businesses need to focus on," he said.

"I am not suggesting that people are going to do bad things but, if you look at it from a top-level perspective, that is where the threats are."

See also: