Gartner predicts rise of rootkits
Trouble ahead from insidious threat.
By Jeremy Kirk, IDG News Service | Published: 10:39, 19 September 2006
Research analysts at Gartner are predicting a sticky web of security hazards for IT professionals over the next two years, ranging from targeted financial attacks to spyware to rootkits.
Gartner released the list of threats on Monday during its IT Security Summit in London, part of the company's "hype cycle" reports that track technology trends. The threats, Gartner said, have a "potential to inflict significant damage" on businesses. The main threats will be:
- Cyberattacks with a financial motive: Criminals may try to steal customer data or information to hurt a company's reputation. Gartner suggests that corporations run more penetration tests to detect network holes and more aggressive intrusion detection systems, along with the usual signature-based anti-malware software.
Related Articles on Techworld
- Identity theft: While the number of victims has remained steady, Gartner said that defence is still poor against these attacks, which seek to assemble enough personal information to, for example, a open bank account in someone else's name. Companies can defend themselves with stronger authentication methods, encryption, better access control and database monitoring.
- Spyware: This insidious form of software often transparently infects computers, recording actions such as keystrokes. Over the next two years, 20 percent to 50 percent of companies will get infected with spyware, Gartner said. Include antivirus and anti-spam functions in anti-spyware software.
- Social engineering: Clever tricks by cyber-criminals can dupe users into revealing sensitive network information. A user, for example, could be tricked into downloading a malicious software program if they think it came from a co-worker. Gartner recommends writing clear and consistent security policies to prevent users from making mistakes such as sending confidential information to a competitor.
- Viruses: This perennial problem remains. Companies should deploy security software that uses updated signatures, which detect new variations of malware, to stop infections. IT administrators should also improve patching and vulnerability detection techniques, Gartner said.
- Rootkits: Gartner predicts more trouble with rootkits over the next five to 10 years. These modified system files can bury themselves deeply within an OS and can be difficult to find. From there, rootkits could offer an attacker the same control as the computer's administrator.
