Report: Hackers to Target Web 2.0, Mobile, RFID Technologies in '08
The coming year will see hackers set their sights on users of Web 2.0, mobile and RFID technologies due to the vast potential for financial gain each represents, according to a cybersecurity think tank.
Targeted Messaging Attacks
Targeted messaging attacks will increase in sophistication, according to GTISC, with a focus on individuals and their personal information or access permissions, instead of corporate networks or other infrastructure. Such attacks will be perpetrated through e-mail, instant messaging (IM), peer-to-peer (P2P) networks and social networking communities, and they'll be increasingly hard to detect as criminals devise more ways to dupe already-suspicious users.
For example, spammers will bypass traditional spam filters by disguising their messages as business communications with PDF or Excel file attachments that help to trick antispam services into thinking they're legitimate.
Instant messaging applications will also increasingly be employed to trick users into visiting potentially dangerous sites or to steal their personal data. At the end of an IM conversation between known coworkers or friends, a hacker could intervene and send a final message containing a malicious link to one or both of the participants, made to appear as though it came from the other, recognized party.
Botnets
Botnets, or networks of "zombie" computers that have been taken over by malicious servers, or "bot masters," are nothing new. In fact, GTISC predicts that some 10 percent of computers connected to the Internet—that's tens of millions of machines—are controlled by bot masters. However, such botnets will be used by hackers in new and dangerous ways over the coming year.
For instance, GTISC thinks botnets will be employed more and more often to aid fraudsters looking to steal information from individuals or organizations, instead of working to distribute spam and execute denial-of-service (DoS) attacks, as they have in the past.
Larger, more powerful botnets will be formed through P2P networks to circumvent traditional security safeguards like intrusion detection and prevention systems, according to GTISC. Due to the decentralized environment of such P2P networks, hackers could control botnets via multiple machines, helping cybercriminals get around current security safeguards.
Threats Targeting Mobile Convergence
As the number of people with Web-enabled cell phones and other devices rises, so does the potential gain from exploitation by hackers. GTISC predicts that threats in the form of voice spam and voice phishing will rise dramatically over the coming year, as well as DoS attacks on voice infrastructure.
GTISC also predicts that as mobile carriers offer more and more feature-rich applications and services, the threats to the carrier networks will increase because of potential security flaws in the new apps. A single hacker who discovers a significant flaw in an application could use a DoS attack to order millions of phones to, say, call 911 at the same time, bringing down the nation's Enhanced 911 system, according to GTISC. An attack of this nature was perpetrated against NTT DoCoMo mobile customers in Japan in 2001.
Hackers



