YNOT – Botnets, malicious applications and social networking malware are among the major threats to look out for in 2010, according to BitDefender. The security software developer also predicts cybercriminals will target operating systems, mobile devices and enterprise technologies such as cloud computing.“2009 saw a wide range of security threats aiming at both end-users and at corporate networks,” senior anti-spam researcher Catalin Cosoi said. “The Conficker worm took a dramatic surge and managed to stay one of the top three global threats during the year. Although not entirely dangerous, its spreading mechanisms and its resistance to detection may be regarded as the cornerstone of the upcoming breeds of highly destructive malware.”

Among her other predictions: Spam sent by botnets will be at the core of malware threats in 2010.

“We will also see some distributed denial of service attacks as proof of concepts for the future or possible customers of the botnets,” she said. “If a client wants to rent a botnet but he is not sure of the capabilities of the network, he might want to see a demonstration of power.”

The majority of malicious applications are oriented towards illicit financial gain, Cosoi noted, and BitDefender’s analysis of past trends indicates 2010 will bring an increased amount of malware. Adware applications and rogue antivirus software are particularly likely, because the type of social engineering they represent has proved particularly successful. More complex malware, such as rootkit-based file infectors and worms relying on multiple vectors of infection (e-mail, instant messaging and peer-to-peer protocols) are also expected to increase.

Social networking websites are expected to become one of the most important vectors of infection during the coming year, Cosoi said.

“Building on their experience with these social networking sites, malware authors are expected to extend their reach with the new Google Wave as the search engine’s instant messaging service gains popularity,” she noted. “Spam and phishing attempts targeting social networking users are also expected to rise.”

Because Microsoft recently launched a new, highly anticipated operating system (Windows 7), users should expect to see new threats targeting the OS’s core technology, BitDefender warned. Windows 7 has proved to be much safer than its predecessors; however, as users transition from XP and Vista to Windows 7, malware authors will focus on finding software vulnerabilities and security breaches in the operating system.

Apple Mac OS X users also are likely to see increased activity targeting their previously pristine OS, BitDefender predicted. Apart from the usual spam and phishing attempts that are platform-independent and target any computer user connected to the internet, Apple’s transition to the Intel hardware platform will unleash new opportunities for attackers who previously have focused Windows’ notorious vulnerabilities.

Apple’s mobile operating system will not be immune, either, Cosoi noted. The latest version of the iPhone with 3G capabilities dramatically increased the gadget’s user base during 2009. Many iPhone owners are “jail-breaking” the operating system in order to install third-party applications. Jail-breaking involves activation of the SSH service with a default password and root access, which offers malware authors a tasty target. BitDefender expects 2010 to bring new e-threats focusing on the rapidly growing mobile platform, especially worms and password-stealing Trojans.

In contrast, Android and Maemo users may be spared.

“Because their market share is still small compared to Windows Mobile, Symbian and iPhone OS, malware authors will not focus their efforts on finding vulnerabilities, but rather strengthen their efforts on social engineering attacks,” Cosoi said.

At the enterprise level, Microsoft’s Windows Server 2008 R2 Hyper-V and VMWare vSphere virtualization technologies have opened new opportunities for small and medium businesses. Accommodating multiple servers on a single machine with virtualization can lower operating costs dramatically. As the new technologies attract a broader audience during 2010, remote attackers are expected to look for vulnerabilities in software that would allow them to seize control of the hypervisor, which would give them access to all virtual machines deployed on a system.

Cloud computing services also are gaining extraordinary popularity, and that trend is expected to grow. Cloud technologies hold and process significant amounts of sensitive data whether they are used for e-mailing or data storage and backup. BitDefender predicts attackers will shift their focus in 2010 to these infrastructures, striving to seize control over or limit access to cloud computing resources.

Finally, netbooks and personal digital assistants are expected to become security risks in the corporate environment as they become more popular. Since netbooks do not come with Trusted Platform Modules or other types of hardware-software encryption and cannot be managed remotely (in order to wipe the hard drive clean in case of loss or theft), sensitive information can land in the hands of cyber criminals.

“Computer users need to keep in mind that cyber criminals are constantly adapting their e-threats so they don’t get caught, making them more damaging,” said Cosoi. “With that being said, it is essential for home users, small businesses and enterprises alike to have a reliable security solution installed and updated on their systems.”