MessageLabs has unveiled its security predictions for 2008, and unsurprisingly the forecast is a tad gloomy, with video file spam among other nastiness predicted for the coming year.

MessageLabs' Skeptic team, claimed that the cybercrime market was poised to be even 'hotter' in 2008 as spammers increase targeted attacks and create new social engineering techniques to claim a stake in cyber-crime’s $105 billion market.

"2007 was the year of prolific cyber-crime with certain gangs becoming famous within the security industry," said Mark Sunner, chief security analyst at MessageLabs. "Notoriety within a hot market always encourages an influx of new players wanting their slice of success and thus, the threat market is set to be even hotter in 2008."

The Skeptic team feels that 2008 will see a significant growth for the shadow Internet economy, with 'e-crime tools' becoming more accessible and more people trying to make a living out of this economy. It also thinks that the prolific Storm Worm will have "further impact" in 2008. This is despite some researchers saying that Storm Worm has been shrinking steadily and is now a shadow of its former self.

The security vendor also pointed to spammers using MP3 files during 2007 and it predicts that video file formats will be next on the cyber criminals list of scams.

More sophisticated targeted attacks are also on the way apparently, after targeted attacks rose from 10 per day in May to in excess of 1,100 within 16 hours in September.

Yet predictions can also be wrong, a fact that MessageLabs admitted when it said that Instant Messaging (IM) attacks "in reality did not live up to expectations (in 2007)." It does however think that the predicted increase in IM attention will occur during 2008.

Spammers are also expected to learn from virus writer's targeted approach, and MessageLabs predicts that spam will increase in intelligence during 2008. "Spam run sizes will remain vast, but the content will be more targeted and stickier."

Track record

Predictions of this kind are often regarded with a certain degree of suspicion, and a quick check back on MessageLabs’ predictions for 2007, reveals they can be a bit hit and miss.

MessageLabs predictions for 2007, followed by commentary in brackets:

  • "Virus rates would continue to fall in 2007." (Nothing especially new about this, as this is a noticeable trend).
  • "Ransomware, malicious software will encrypt key files and documents using a secret key known only to the extortionist, will become increasingly threatening..." (MessageLabs was not alone in predicting this, but in reality there has been almost none of it and it has gone very quiet on this front).
  • "Spam will become more targeted throughout 2007." (Targeted spam is already with us to some extent).
  • "ICANN will continue to be exploited through loopholes, and domain kiting will continue to be a problem." (Again, ICANN exploits are already with us).
  • "Botnets will be engineered to be resilient, allowing the criminals to maintain control of zombie computers more easily." (Ditto botnets).
  • "Experts believe that the number of worms targeting Mac OS X will rise in the beginning of 2007." (This was fairly accurate).
  • "The availability of 'off the shelf' kits for less tech-savvy spammers will grow in numbers." (DIY kits are already well established).
  • "Late in 2007 MessageLabs expects to see VoIP threats emerge as adoption of the technology increases and criminals target application vulnerabilities." (VoIP is a big growth area, and there are almost none of these in the real world yet, but they are a major vulnerability. Good prediction though).