Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

CyTRAP Labs global security forecast 2008 – users take care – silliness is everywhere

December 20th, 2007

Once again, it is the time of the year when vendors and experts are supposed to gaze into the crystal ball and provide their security forecasts for next year. So what do our illustrious experts have in store for you this time? Read on and get it first hand. In December 2006 we ventured to predict what might happen during 2007:

CyTRAP Labs’ IT security predictions and trends for 2007: Top ten threats and exploits

and, surprise, surprise, we were pretty much on the mark for 2007. So what have the experts got in store for you regarding the year 2008? Glad you asked.

Experts forecast stormy 2008

Just keep in mind, the art of forecasting tomorrow’s troubles is intimately related with the art of forecasting tomorrow’s pointless wonders.

Here are some examples:

    Next year will see cybercriminals increasingly targeting Windows Vista as well as instant messaging and VoIP applications (thanks McAfee for telling us this one).
    The spammer will be forced to try new spamming tactics, Sutter thought, because spam effectiveness rates are falling. (thanks to and an expert from Message Labs for providing this insight).

Emerging Cyber Threats Report for 2008

    PandaLabs notes that malware such as bots or Trojans will be controlled remotely not only through IRC, but also P2P networks or the HTTP protocol (merci for this insight).

    Jon Colley (ISC2) revealed to IT Week: The human rather than the technology side of IT security will be a major priority for IT teams in 2008, as threats increase and social engineering techniques become more sophisticated, according to non-profit security certifications organisation ISC2 (Thanks, that really helps us along – big surprise, NOT, is it?) (what do you think? Comment below)

    SANS top 20 security risks identifies this one as being on the top of the list for 2008: “Critical vulnerabilities in Web applications enabling the Web site to be poisoned, the data behind the Web site to be stolen, and other computers connected to the Web site to be compromised.” (I thought we had that already?)

But if you thought the above was not as revealing as you had hoped, InfoSec folks are not the only ones making forecasts that seem a bit silly. For instance, the risk management folks are also very good at making great-sounding statements without revealing too much, such as this one:

    Global Counter Improvised Explosive Devices (IEDs)…. The result should be a re-evaluation and major changes to military doctrines worldwide, impacting outlooks, makeup and budgets for decades to come. (Homeland Security Research – much obliged for this insight)


These essays or blog posts supposedly indicate the industry’s and tech experts’ collective wisdom on the most important InfoSec and risk management issues coming our way for 2008.

As you can see, plenty of threats of the malware, vulnerability, and zero-day exploit kind make them all predict stormy weather for 2008.

Incidentally, another unnamed source claimed that 2008 is the year when IT security gets personal. Come again? I thought security was personal already, especially if one’s system crashes due to malware. Or how about being pestered with those spam e-mails? Not personal for you?

Moreover, after reading these forecasts, what the strategic implications will be for corporations, governments and regions is still a mystery to me.

Considering our point earlier, the art of forecasting tomorrow’s troubles is intimately related with the art of forecasting tomorrow’s pointless wonders. We will bring you an update soon; stay tuned or just subscribe (see just below) to get it when we publish it here or elsewhere.

Comments on this post are most welcome; just enter them below on the blog itself. We are curious how these forecasts have helped you in your work in the past and how they should in the future. Care to share? Please do.


CyTRAP Labs invites you to get info about zero-day exploits, tools, benchmarking and regulatory intel. BETTER, just become one of our readers by subscribing right now to one or more of our highly acclaimed services.



CyTRAP Labs forecast about malware – acquired cyber immunodeficiency syndrome – ACIDS the digital version of AIDS?


