Adobe will be top target for hackers in 2010, report says
They're gunning for Acrobat Reader and Flash, according to McAfee
IDG News Service - Adobe Systems' Flash and Acrobat Reader products will become the preferred targets for criminal hackers in 2010, surpassing Microsoft Office applications, a security vendor predicted this week.
"Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot," security vendor McAfee said in its "2010 Threat Predictions" report (PDF).
Hackers usually target the most widely used products in order to achieve the maximum impact. For a long time that has made Microsoft their primary target. But the software giant has tightened security in its recent OS releases, leading hackers to look for additional targets.
Adobe's CTO acknowledged recently that his company's software is being attacked more frequently, and said the company has stepped up its efforts to respond.
"We have absolutely seen an increase in the number of attacks, around Reader in particular and also Flash Player to some extent," CTO Kevin Lynch told reporters at the Adobe Max conference in October. "We're working to decrease the amount of time between when we know about a problem and when we release a fix. That used to be a couple of months; now it's within two weeks for critical issues."
Mozilla's Firefox browser and Apple's QuickTime software have also faced new attacks.
Among its other predictions, McAfee expects more sophisticated attacks next year against social networking sites such as Twitter and Facebook. "The explosion of applications on Facebook and other services will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously," the company said.
It also sees the emergence of a new vehicle for attacks in the form of HTML 5, an update to the Web markup language that will support delivery of online video and allow Web applications to run offline.
"HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users," McAfee said.
There was some good news, however. The security firm sees law enforcement having more successes next year in its pursuit of cybercriminals, thanks to closer cooperation and improved skills at international crime-fighting agencies.
- Where You Mitigate Heartbleed Matters Read this article to learn more about why customers must choose the most strategic point in the network at which to deploy their...
- Mitigating Multiple DDoS Attack Vectors It's time to rethink and refine the enterprise security architecture, so organizations can remain agile and resilient against future threats. Download this infographic...
- SIP Migration: Addressing CIOs' Concerns Recent data from IDG Research shows that many IT executives are counting on SIP to help them meet employee efficiency and customer experience...
- City Solved Network Mystery - Saves $30K The City of Jacksonville put their hunch to work and not only solved a mystery, but found a new and innovative use for...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Network Security White Papers | Webcasts