Security in 2009 — the year of Conficker

iPhone worm, SEO poisoning, social network exploitation, rogue AVs and Windows 7 also notable

The year 2009 will be remembered as the year of Conficker, the first iPhone worm and the year Microsoft released Windows 7, according to Security firm F-Secure.

Speaking at an end of year wrap, F-Secure chief research officer, Mikko Hypponen, said 2009 was an exceptional year in IT security.

“We never see huge malware outbreaks anymore — except this year we did,” he said “Conficker peaked with over 10 million infected computers around the world and at the end of 2009 is still in millions of computers.

“This was very advanced malware using several tricks we have never before seen. [It was] a massive botnet not being used by the malware operators for anything useful and we still don’t the real story behind Conficker and that makes it one of the biggest mysteries in the history of malware.”

Hypponen said 2009 was also notable for the exploitation of the trust inherent in social networking sites, search engine optimisation poisoning and the prevalence of rogue antivirus applications.

“A few years ago the most common way of getting infected was email… today it is through surfing the web and now we are seeing more and more attacks misusing the attacks the trust within social networks,” he said.

“Most of the traffic going to malicious sites are actually generated with search engine optimisation attacks where the attackers seed the search engine with popular search terms so that searchers end up on the wrong sites and their computer ends up being take over. More often than not what the computers are used for is rogue security programs.”

The emergence of the first iPhone worm was also another major milestone during the year, Hypponen said. “The iPhone worms we have seen so far don’t really target the iPhones by themselves — they target jailbroken phones where the owner of the phone has broken protections partly so they are able to change the [network] operator and partly because they want to run whatever programs they want,” he said.

“Jailbroken iPhones are much easier target, especially when the user has installed tools like SSH without changing the root password.”

In a summary of 2009 security trends, Hypponen also said the launch of the Windows 7 operating system was a positive move to address the major security concerns inherent in Windows Vista and Windows XP.

“Windows 7 shows promise as a leaner, more secure operating system, and also has an improved user security experience compared to Vista,” he wrote in the summary. “The focus on a better user experience and improved security is also one of the important trends in 2009, coinciding with the emergence of Netbooks.”

Email Computerworld or follow @computerworldau on Twitter.

More about: F-Secure, Microsoft, SSH
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Windows 7, social networks, SEO poisoning, security, rogue software, iphone worm, conficker
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/205/divx-plus/

DivX Plus

Divx Plus 8 provides you with a Web Player which allows you to watch DivX, AVI and MKV videos in your web brower; you can ...

Latest Jobs
HP and IDG news, product videos and resources

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia