Adobe Systems' Flash and Acrobat Reader products will become the preferred targets for criminal hackers in 2010, surpassing Microsoft Office applications, a security vendor predicted this week.
“Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot,” security vendor McAfee said in its “2010 Threat Predictions” report (PDF).
Hackers usually target the most widely used products in order to achieve the maximum impact. For a long time that has made Microsoft their primary target. But the software giant has tightened security in its recent OS releases, leading hackers to look for additional targets.
Adobe's CTO acknowledged recently that his company's software is being attacked more frequently, and said the company has stepped up its efforts to respond.
“We have absolutely seen an increase in the number of attacks, around Reader in particular and also Flash Player to some extent,” CTO Kevin Lynch told reporters at the Adobe Max conference in October. “We're working to decrease the amount of time between when we know about a problem and when we release a fix. That used to be a couple of months; now it's within two weeks for critical issues.”
Mozilla's Firefox browser and Apple's QuickTime software have also faced new attacks.
Among its other predictions, McAfee expects more sophisticated attacks next year against social networking sites such as Twitter and Facebook. “The explosion of applications on Facebook and other services will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously,” the company said.
It also sees the emergence of a new vehicle for attacks in the form of HTML 5, an update to the Web markup language that will support delivery of online video and allow Web applications to run offline.
“HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users,” McAfee said.
There was some good news, however. The security firm sees law enforcement having more successes next year in its pursuit of cybercriminals, thanks to closer cooperation and improved skills at international crime-fighting agencies.