On the mobile front, there have been more than 300 iPhone vulnerabilities to date and around a dozen on the Android platform, but beyond that, we have not seen a massive surge in mobile security threats. That said, as more apps flood the market, some of which are created by novice programmers using tools such as Googles new App Inventor for Android, we think the security integrity of mobile devices could be impacted. In fact, we think the rapidly expanding app market for popular mobile platforms will be the key driver behind mobile security threats in the future. We hope not, but the second half of the year might still see this trend come into its own.
Spammers Breaking the Rules As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN-SPAM Act, well see more organizations selling unauthorized email address lists and more less-than-legitimate marketers spamming those lists.
Status: Mostly on track
Reasoning: Though there hasnt been an explosion yet, we are seeing more gray mail this year. One example of such gray mail is unsolicited, but legitimate-looking newsletters. These emails generally carry an opt-out message to comply with the CAN-SPAM Act; however, users most likely never subscribed to corresponding distribution lists in the first place, indicating the senders are getting their mailing lists from less-than-legitimate sources. Common examples of such unsolicited gray mail are offers for complimentary subscriptions to online newsletters. Symantec recently analyzed one such sample which indeed did include an opt-out message, thus complying with the CAN-SPAM Act, but the promptness of the sending organization honoring opt-out requests was another story.
As Spammers Adapt, Spam Volumes Will Continue to Fluctuate Since 2007, spam has increased on average by 15 percent. While this significant growth in spam email may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long an economic motive is present. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software, the intervention of responsible ISPs and government agencies across the globe.
Status: On track
Reasoning: We have indeed continued to see the arms race between spammers and antispammers continue. Such antispam victories as the shutdown of the Mariposa botnet have been countered by spammers with actions like the explosive use of disposable and hijacked URLs. While the percentage of messages identified as spam has stayed in a relatively tight range, spam volume has shown much more movement.
Specialized Malware Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting such as the systems connected with reality television shows and competitions.
Sign up for CIO Asia eNewsletters.