Upcoming security threats for 2010, as predicted by CA, Cisco, Symantec, Websense and a group of experts at Independent Security Evaluators. Plus, Info-Tech on security trends.

Social networks are going to become a prime target for cybercriminals in 2010, according to security predictions from annual security reports released this month by CA Inc., Cisco Systems Inc. and Symantec Corp.

A prediction list gathered from Independent Security Evaluators (ISE) and another list issued by Websense Inc. also anticipate increased threats on or towards major social networking sites.

Social networks was the only prediction highlighted by all five sources, but increased use of search engine optimization (SEO) attacks, shorts URLs and malvertising, as well as an upcoming focus on smartphones and the Mac OS X platform, were also noted on multiple accounts.

Unique predictions include a potential cryptographic algorithm break, botnet turf wars, attacks on voting mechanisms for elections and reality shows, a major utility breach in the U.S. and hijacked computers held for ransom.

James Quinn, senior research analyst at Info-Tech Research Group Ltd., expects the push towards financial incentives will continue from the hacker's perspective. But the biggest trend that will continue from 2009 into 2010, according to Quinn, is the increasing speed at which threats will evolve.

"Security companies have gotten very, very good at responding to threats, and so as a result, bad guys have had to change the nature of the threat more rapidly .... I think what we are going to continue to see is an increase in that rate of evolution," he said.

Quinn also expects 2010 will be an interesting year in terms of reputation-based security software. While the model allows anti-malware vendors to work quickly by looking at where information is coming from, whether it works effectively still remains in question, he pointed out.

"They are moving towards this model out of an efficiency basis, simply because there is so much good code and there is so much bad code available that it becomes impossible to work on a signature basis with any kind of performance," he said.

The following is a compilation of potential upcoming threats to look out for in 2010, as predicted by the CA Global Advisory Team, Cisco, Symantec Hosted Services, Websense Security Labs and contributions from a group of security experts at Independent Security Evaluators.

Mobile worm attack

ISE anticipates a major mobile worm attack. "Mobile phones are now small computers always attached to the Internet," states ISE. "They contain personal information and make for an interesting component of a mobile botnet. We got a worm this year against jailbroken iPhones. Next year will see the first worm against a major (off-the-shelf) mobile platform such as iPhone or Android."

Social networking shut-down

"A major social networking site (Facebook, MySpace, etc) will shut down for an extended period of time, due to a hacking incident or a virus," states ISE. "As more information is stored on these sites, they become more of a target. Additionally, it would be a high profile attack for an attacker wishing to increase their 'street cred.' Think Samy Worm except with malicious intent."