"Malware, especially from compromised web sites, was a huge issue in 2008. Many legitimate sites such as MSNBC.com, History.com, ZDNet.com and many others suffered compromises, in some cases for days. Unlike the past, the sites looked normal, but unsuspecting web surfers with vulnerable systems were exploited when they visited these sites.
Search engines, such as Google, were used to compromise systems. This happened in several ways, including:
- Tricking the search engine indexing and results logic to escalate malicious web sites to the top of the list where users were more likely to click on them.
- Using the "paid for" or "sponsored links" areas of search engines to direct users to compromised sites.
As predicted, hackers moved towards compromising end points (individual systems such as desktops, laptops and servers) and placed less emphasis on external direct attacks - although this still happens frequently.
On the flip side, we expected botnets to play a larger role in 2008. While botnets increased in size, scope, and sophistication, they weren't used to the scale expected. Basically, botnet controllers were sowing more and reaping less in 2008.
Also, out of the blue, we had the whole DNS exploit issue come back from the dead. We saw a lot of these in the 90's when DNS was first used and then we went nearly a decade without many DNS flaws. I don't think anyone expected a core DNS vulnerability on a worldwide scale. The good news is that very few known cases of serious exploits occurred.
Vista had fewer serious security vulnerabilities than expected. This may be because so few people are migrating to Vista and many even downgraded to XP. I imagine that if more people were using Vista, 1) we would find more vulnerabilities and 2) more attackers would spend time trying to exploit it. Attackers are all about bang for the buck. If most people are still using XP, they will focus on XP. It is just that simple."
Here's the list.
#1. Malicious Insiders - Rising Threat
#2. Malware - Steady Threat
#3. Exploited Vulnerabilities - Weakening Threat
#4. Social Engineering - Rising Threat
#5. Careless Employees - Rising Threat
#6. Reduced Budgets - Rising Threat
#7. Remote Workers - Steady Threat
#8. Unstable Third Party Providers - Strong Rising Threat
#9. Downloaded Software Including Open Source & P2P Files - Steady Threat