I've seen many sites/people post predictions for 2010 in their fields of expertise. I've decided to make my own.
Here are my predictions:
1. Conficker - Updating itself through a new vulnerability, public or zero-day. Through that, attackers would be able to reach compromised computers using the Conficker P2P protocol, which allows files signed by the Conficker writers to be shared in the same network. In my opinion, Conficker was written long before the MS08-067 discovery. The Conficker writers had finished the design of the worm and most of the code before the release of MS08-067 and just waited for the right stable, exploitable bug to come up. In the same way, they will wait for the next one to come up, reach most of the infected computers out there and start making a profit out of it.
Nice, neat Conficker tricks from the SANS Diary
2. First multi-vector attacking worm - Unlike many worms (even l0lworm) which have one or more attack vectors (P2P files, password guessing, remote exploits, etc.), I think in 2010 we'll encounter a multi-vector attacking worm which will use many remote exploits to attack in the same network or world-wide. This worm will also use other techniques already seen, such as password guessing, file infections for P2P files, Disk on Key infections, sending e-mails containing malicious PDF files, etc., etc., etc. One thing I'm truly afraid of is bots used for SQL injection / brute-force attacks against websites, and by that inserting malicious iframes/code to infect a great number of websites, which will infect tons of people. Lots of techniques in the same worm would be very, very dangerous. I can see it coming.
3. Malicious writers won't target the low level for a widely spread trojan/worm/... . Why am I thinking positively about this one? Well, some of the stuff we saw in 2008/2009 was mostly PoCs, but not widely spread (except Mebroot). Virus writers want something that the end-user won't notice, and spreading a low-level-changing payload widely to lots of people will cause trouble for some of them. It's just not worth it.
4. Anti-Viruses - Kaspersky will remain the best anti-virus in 2010 as well. Symantec, which is currently far, far behind and considered a joke among some security researchers, will try harder this year, but still, it won't be enough. Free anti-viruses will keep growing and gaining more installs.
5. SQL injections in big open-source platforms will be the main infection method in 2010, in my opinion (well, without taking remote exploits into account :)). Sites will be vulnerable to SQL injections which will add client-side attacks in iframes or in the same page. Instead of trying to get one site that will infect people, by using a widely spread SQL injection in many sites running the same platform, malware writers would be able to exploit them all, without the website's admin noticing (most of the time) that his pages serve as infection pages.
7. Virus writers targeting Mac - Not sure about that. I think this one will actually start getting more infections, but it's quite risky to say. (Unrelated) Although, one worm spread recently using the default password on jailbroken iPhones. I think this year will be interesting to see regarding iPhones and BlackBerrys.
8. Google - I think that by the end of this year they will open their own ISP/call service provider. Using their phones, they will allow free calls over the net from Android phones to Android phones, like BB messages, but on Google's phones. It will be interesting to see big competition for iPhones and BlackBerrys.
9. Consoles - I think this year the PS3 might get hacked to run burnt copies of its games. Why? Because Sony is losing money to Microsoft, which made a really easy-to-crack system. Wait, what? Are you saying that Sony will provide a way to run "back-up" CDs? Not sure, they might. Probably in the next console they will not make the encryption that hard, that's for sure (but that's not going to happen in 2010 as far as I know). I think there might be a chance of someone spreading a trojaned game for Xbox 360 on one of those torrent sites. Before you know it, your Xbox 360 will be a bot (I'm not sure it's possible with digital signatures and such, but if it is, I think it's a big risk).
10. Vulnerabilities - Adobe will keep up the [sarcasm alert] good work [/sarcasm alert] of being a target for many security researchers (as well as the bad guys). Windows will not be immune to remote & local exploits this year. Firefox/IE will definitely have some client-side failures which will be used in 2 and 5 above.
Hopefully you liked it.
Those are the big things I think will happen in 2010. I wrote this while quite ill, but didn't want to miss the chance of posting it before 2010, so enjoy it, and hopefully I will feel better tomorrow and will delete all the horrible stuff I've written. Haha.