Review of 2007: Lost in translation

• Article 12 of 33
• SC Magazine, February 2008
• View the original article online

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | All 5 Pages

Finally, alleged hacker Gary McKinnon was given leave to appeal his extradition to the US.

NOVEMBER
With hundreds of people evacuated to avoid the threat of a three-metre storm tide heading for the English Channel, it seemed appropriate that Storm returned in November, this time to blast the world's inboxes with Geocities spam/malware.

But it was HMRC's decision to finally show the world that it had what it took to be a world-class data leaker that filled the headlines. A “junior official” was blamed for couriering the personal details - including bank accounts - of 25 million people on disks that mysteriously disappeared. Salesforce.com's leaked customer list was positively small fry in comparison.

The Times of India had to shut down its website after being hacked, this time with a cross-site scripting attack that downloaded malware onto visitors' PCs. Not that Mac users had much to be happy about, following the discovery of the first professional-grade Trojan for the formerly impregnable OS.

VeriSign decided to divest itself of any business units not related to security in order to focus on web infrastructure services. Acquisitions continued apace, with Cisco bagging Securent and Symantec taking over Vontu.

2008: WHAT WILL HAPPEN IN THE OLYMPIC YEAR?
With spammers running out of clever ways to bypass email filters, the year of the Beijing Olympics is likely to be the year alternative propagation mechanisms grow in strength. Email spam is likely to get simpler and simpler, with the relatively undefended IM and social networking sites facing the brunt of the spam and malware attacks.

Simple doesn't mean ineffective, however, and the rise of targeted spam from criminal gangs hints at a far more dangerous breed of malware-related spam to come.

Web-based threats will also grow, with cross-site scripting attacks, RSS-based malware and other browser-based exploits that are hard to spot taking on increasing prominence.

As the alternative threats increase, smaller vendors will start to develop suitable protection - only to get gobbled up by larger companies. Outsourcing services will continue to grow in popularity as beleaguered IT managers find themselves unable to cope with new threats.

Data loss will continue to be a growing problem, with more companies finding themselves at the wrong end of the FSA and other statutory bodies, not just for losing data, but for failing to follow the correct procedures in the first place. And it won't just be private companies losing data - governments will continue to show an inability to keep the public's personal details secret. The first UK projects to receive greater scrutiny with be the National ID scheme and the NHS IT upgrade.

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | All 5 Pages