Applications that demand money with menaces were around in 2009, and are set to be more common still in 2010. Rogue anti-malware software takes control of users' computers and effectively asks for a ransom to regain control of the machine.
Other scareware companies con users into downloading "anti-virus" software that detects spurious infections, and asks the user for cash to remove it. In another twist to the scareware scam, Symantec reports that rogue companies are selling rebranded copies of free antivirus software under their own names.
Large-scale malware attacks were the thing of the noughties. From 2010 onwards, the IT security industry expects to see a shift to smaller, more localised attacks.
These might be limited to a country, a city, an individual company, or even a high-profile individual. We have already seen hackers compromise the accounts of prominent social network users. Malware writers are turning to "spear phishing" attacks to target the rich, or the influential.
At the other end of the spectrum, security experts predict more attacks focused around large-scale international events, with the Winter Olympics and FIFA World Cup expected to bring large spikes in malware traffic.
Attacks on virtualised environments
Virtualisation was one of the key technology topics of 2009. In 2010, hackers will turn their attention to virtualised IT environments, according to the IEEE. Attacks on virtual environments have also been highlighted by Trend Micro as a risk for 2010, as it allows hackers to develop new attack vectors.
One risk is the use of virtualisation to support shared infrastructures; the other is gaps in security created by the interface between virtual machines, hypervisors, and the physical hardware.
There is no denying that Microsoft has made great strides in security in the last few years. However, as Windows 7 grows in market share, hackers will turn its attention to that operating system, rather than older versions such as Windows XP. And, as Trend Micro cautions, the default configuration of Windows 7 is less secure than the default set up for Vista.
Serious malware threats to mobile phones, and especially smart phones, are certainly possible. This year has seen attacks on iPhone users in Australia, and attacks on BlackBerry devices carried through PDF files.
As yet, there has not been a large-scale attack on a single mobile platform or operator, perhaps because of the diverse range of the mobile handsets on the market, and perhaps because as yet, mobiles carry only small amounts of critical data.
But the risk of a large-scale attack against a popular mobile platform will grow as the devices become more common. F-Secure cautions that there will be more attacks on the iPhone as well as proof of concept attacks against Android and Maemo, Nokia's Linux-based platform. And the anti-virus vendor continues to warn against a zero-day attack against mobiles.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.