General Security Archives

Information Security Cyber Threats for 2010

Kaspersky Lab recently announced its security analysts' estimates of cyber-criminal activity for 2010.

In 2008, the company's analysts predicted an increase in system infections by viruses. Unfortunately, these estimates proved accurate. In 2009 we saw the emergence of sophisticated malware with rootkit-based functionality and the widespread use of the Kido worm (also known as Conficker), as well as numerous Internet attacks, the proliferation of botnets, fraud using mobile SMS, and attacks on social networking websites.

Estimates for 2010

According to the experts at Kaspersky Lab, the types of attacks will change. More specifically, there should be a shift from attacks waged through websites and applications to attacks via file-sharing and peer-to-peer networks.

Already in 2009 there was a series of massive attacks based on malware that spread via torrents. This method was used to spread threats such as TDSS and Virut, and to compromise computers running Mac OS X. In 2010, we should expect a significant increase in this type of attack on P2P networks.

Cyber criminals will continue to compete in unleashing viruses. They are trying more and more to legalize their activities, and there are many ways to profit from spreading malware through botnets. Today, botnets are used mainly for “black market services”. In the future, however, these services are expected to become more “gray”.

The so-called “cooperation programs” will give botnet administrators/owners the ability to profit from activities such as sending spam, launching DoS attacks, or distributing malicious software applications that are not clearly a form of criminal activity.

The decline seen in 2009 in the use of Trojans that targeted online gaming users is likely to be repeated in 2010 for fake antivirus programs. This category of threat first appeared in 2007 and reached its zenith in 2009. The Kido worm, for example, went on to install rogue antivirus programs on infected computers.

However, the “market” for fake antivirus programs is now saturated and profits for cyber criminals have fallen. Furthermore, these activities are closely monitored by legitimate security companies. As a result, developing and distributing rogue antivirus programs is becoming increasingly difficult.

With regard to attacks on web services, Google Wave is expected to monopolize the interest in 2010. There is no doubt that attacks on this new Google service will follow the usual model: first comes the sending of spam messages, then phishing attacks, then the exploitation of vulnerabilities, and finally the spread of malware. The release of Google's Chrome OS, which is based on Internet technology, is a notable development, but Kaspersky Lab experts expect that cyber criminals will not show great interest in this software platform.

However, 2010 is expected to be a difficult year for users of the iPhone and of phones running the Android operating system. The first malicious programs for these platforms appeared in 2009, which is a clear indication of increased interest from cyber criminals. Among iPhone users, only those with cracked devices will be at risk, but the same does not apply to users of Android devices, as all of them can fall victim to attacks. For example, the growing popularity of Android phones in China, combined with the lack of effective security controls on applications offered by third parties, is expected to contribute to a rise in the number of attacks by malicious programs.

The identification of new vulnerabilities will be the main cause of mass infection by viruses. These vulnerabilities will mainly be in software developed by third parties (such as Adobe, Apple, etc.), but also in Windows 7, which has only recently come to market. If a large number of such software vulnerabilities is not found in 2010, it may well be one of the “quieter” years in a long time.

Everyone has heard of the latest scandal in which the “whatever.com” site was hacked and vital information on over one million people was stolen. What would a hacker want with that information, some would wonder? In most cases, the hacker's motive is simply to be able to hack the site that says it is “hack proof”. In other cases involving fraud, it is to obtain your personal information and either use it for spamming or sell it to scam artists. In any case, one would think that a site that is hacked has legal responsibilities.

The latest big website attack is more than likely just the theft of work histories and names along with references. If the information also included Social Security information or annual salary requirements, as well as cell phone numbers and credit card or bank information, people are going to have major problems. This type of activity happens all the time, but we only hear about the big companies in the spotlight. If a pet product site that is just starting out and is not a well-known name is hacked, it is not going to divulge that information, and if it does, it will not make the news headlines.

Everyone uses the Internet for one reason or another, and if you are like most people, you may shop, look for work, play games or just browse. In any case, you need to be careful how you supply your information. A site where you enter your information needs to use encryption to protect it, whether the site is for buying or for gaming. Any time you give out personal information about yourself, you want to know that it is protected. With the latest scare over hacked websites, people have to wonder: what will the hackers do with that information?

As hackers become more devious in their efforts to break into websites and steal information, IT technicians will work harder to make the sites, and the products that secure them, even better. All the scares we encounter on the Internet are just another form of criminal activity; unfortunately, it can cause problems for the entire world. Protecting yourself and your computer from a hack attack is a top priority, and every day businesses are upgrading their systems and infrastructures to protect vital information.

The best way to protect yourself, some have said, is never to give out personal information. Unfortunately, this is not always possible. If you want to shop, look for work, do some gaming or sign up for important newsletters and promotions, you have to supply the pertinent information. Using a little caution about which sites you use is therefore a good idea, but as was proved with Monster, even the best of sites can have problems. This, however, is no reason to stop using the Internet.

You just need to be aware of the threat and use good judgment when you visit a website. Some day we will see a system to track and stop hackers from stealing vital information. Companies that make security software work hard every day to find new ways to stop a hacker. As hackers gain more strength, software developers gain more security knowledge to stop them in their tracks.

Installing BackTrack 4 Pre-Final in VMware

EDIT: A final version of BackTrack4 has been released, as both an ISO image and a VMware image. Also, BackTrack is now distributed from www.backtrack-linux.org instead of remote-exploit.org. I suggest you download and install the final VMware version.

I have been using BackTrack3 so far for my ethical penetration testing tasks with great success. I decided recently to give BackTrack4 a try, even if it’s still in the Pre-Release stage. The guys at remote-exploit state that even if it is at the pre-final stage, this release is the sturdiest of all previous BackTrack versions, so I decided to try it now rather than waiting for the final release. A notable change with BackTrack4 is that it now uses Ubuntu as the underlying operating system, which is a very good move in my opinion.

I will explain below the steps I took to install BackTrack4 on VMware Workstation running on Windows XP Pro. I have used VMware Workstation 6.5.3 (it should work with older versions) and BackTrack4 pre-final.

First download the BackTrack 4 pre-final file (bt4-pre-final.iso) from its original location at http://www.remote-exploit.org/backtrack_download.html. The file comes in DVD ISO format. Save the ISO file locally on your hard disk.

  • Start VMware Workstation and go to File > New > Virtual Machine.
  • Select Typical Install
  • Select option to use Installer Disc image file (iso)
  • Click the Browse button to find the ISO image that you downloaded above.
  • Click Next, select Linux and for version select Ubuntu.
  • Click Next and select the location where the Virtual Machine will be installed.
  • Leave the defaults (maximum disk size 8GB and Store Virtual disk as a single file).
  • Click Next and Finish.
  • Go to “Edit virtual machine settings” and change the network adapter to “Bridged”.
  • Power on the virtual machine.
  • This will boot up the Live CD from the ISO image and give you several boot options. Select the first option (BackTrack Framebuffer 1024×768).
  • After it boots, it will drop you at a command-line prompt as root@bt:#
  • Type startx
  • This will take you into the graphical interface of BackTrack. However, you are still running from the Live CD, and any changes you make will be lost at the next reboot. Therefore you need to install it on the VMware virtual disk.
  • Double-click the “install.sh” script that you see on the desktop. This will start the installation procedure. Follow all the steps. This will install BackTrack on the VMware disk.
  • Press the “Restart” button to reboot. After rebooting, the machine will boot from the VMware disk and not from the Live CD. At the login prompt, enter the username and password that you configured during the graphical installation above.
  • You need to configure a root password here. Type “sudo passwd root”. It will ask for your own user password to execute the command. Then it will ask you to enter the new password for root (twice). After that, the password for root will be changed.
  • Log in as root and get into the graphical interface with startx.
  • You are ready to Rock Baby!!!

I advise you to visit the offensive security blog (http://www.offensive-security.com/blog/) to read some very useful posts about BackTrack4. Especially useful is the post about upgrading the kernel, which is required because of a security hole in the default kernel of bt4.
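
The choices made in the steps above (Ubuntu guest type, the ISO as installer disc, a bridged network adapter) are stored in the virtual machine's .vmx file. The following is an added example, not part of the original post, that parses a constructed sample .vmx and reports each adapter that is bridged and any ISO still attached; the sample path and display name are assumptions.

```python
import re

# Constructed sample of the .vmx file the steps above would produce. The keys
# are standard VMware .vmx keys; the ISO path and display name are made up.
SAMPLE_VMX = r'''
displayName = "BackTrack4"
guestOS = "ubuntu"
ide1:0.present = "TRUE"
ide1:0.deviceType = "cdrom-image"
ide1:0.fileName = "C:\iso\bt4-pre-final.iso"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
'''

LINE = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return {key: value} for each key = "value" line; keys are lower-cased."""
    cfg = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            cfg[m.group(1).lower()] = m.group(2)
    return cfg

def nic_modes(cfg):
    """Map each present virtual NIC to its connection type."""
    modes = {}
    for key, value in cfg.items():
        m = re.fullmatch(r'(ethernet\d+)\.present', key)
        if m and value.upper() == "TRUE":
            # Assumption: a NIC without a connectionType line is bridged,
            # which is the VMware Workstation default.
            modes[m.group(1)] = cfg.get(m.group(1) + ".connectiontype", "bridged").lower()
    return modes

def attached_isos(cfg):
    """List ISO images mapped to a virtual CD/DVD drive."""
    return [cfg.get(k[:-len("devicetype")] + "filename", "")
            for k, v in cfg.items()
            if k.endswith(".devicetype") and v.lower() == "cdrom-image"]

def review(text):
    """Return findings to check before using the VM on a shared network."""
    cfg = parse_vmx(text)
    findings = [nic + ": bridged, guest is reachable from the host's LAN"
                for nic, mode in sorted(nic_modes(cfg).items()) if mode == "bridged"]
    return findings + ["ISO still attached: " + iso for iso in attached_isos(cfg)]

print("\n".join(review(SAMPLE_VMX)))
```

A bridged adapter places the guest on the same network as the host, which is worth knowing while the guest still runs the default bt4 kernel mentioned above.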
