It’s not good is it?
I believe that, when the statistics are in, they’ll show that cybercrime was marginally worse in 2007 than 2006. Certainly in the area of data theft, it set new records. How many wake-up calls does the world actually need?
I don’t know.
I pretty much summarized the Internet’s malaise in 10 Reasons Why The Black Hats Have Us Outgunned. The simple truth is that until we can secure the hundreds of millions of home computers that the hackers prey on, in order to build their botnets, the current set of problems in going to persist.
See also The Misty World of State Sponsored Cyber Crime. We have to entertain the possibility that maybe the governments of the world (or at least some of them) don’t really want this problem to be fixed. Perhaps, those hundreds of millions of hacked PCs are too useful.
1. Whitelisting will enter the mainstream in 2008.
I’m predicting that by the end of 2008, the AVID Campaign will cease to have a raison d’etre. I’m hoping that at least one vendor will provide a whitelisting capability that is viable for the home user. What’s currently happening is that all the main AV vendors are embracing whitelisting. This is really good news for business PCs. Vista is also good news, in terms of security, as long as you don’t turn Vista security off because it annoys you (which some users are doing).
2. 2008 will be worse for cybercrime than 2007.
This is counter intuitive. More secure DNS technologies exist than before, better anti-malware technologies exist than before and the companies with such technologies are doing well. The technologies are being put to use. The trends are thus suggesting that we should be bringing cybercrime under greater control. But every time that I’ve suggested that that was the case in years past, I’ve been wrong, so I’m not going to say it now.
The one thing that IT security simply cannot defend against is social engineering. When we close all the other doors, the hackers will simply get in through the front door with social engineering techniques. Cybercrime will continue via this vector if by no other.
Note: There are 7 forecast postings for 2008. The others are:
Forecasts for 2008: #1 Chips & Virtualization
Forecasts for 2008: #2 The Server
Forecasts for 2008: #3 The PC Market
Forecasts for 2008: #4 Google and the Cloud
Forecasts for 2008: #5 Communications Convergence
Forecasts for 2008: #6 The Application Layer
Leave a reply