Web browsers to become main target for malware attacks

Creators of malicious software are likely to move away from targeting the Windows operating system and focus on web browsers instead, according to Symantec.

The security software firm said at the moment many attacks, such as drive-by downloads rely on a web browser to get onto a PC so they can install malicious software into the Windows system. This limits them to running only on Windows computers.

As web browsers have evolved, however, programs have become able to run entirely within them, and an attack using this technique could work on any computer or device running a suitable browser.

Dave Cole, Symantec's director of security responses said: “With Web 2.0 technologies we’ve seen so much of the logic that would have been done on the server being done in the browser.

“If I’m a bad guy, and I’m going to make a bet on you having a specific thing, I’m going to bet on you having a browser.”

Such attacks will find it harder to persist than those that target the operating system, perhaps running only for as long as the browser remains open, but as browsers become available on many devices, including smartphones and games consoles, they could have a wide reach.

Mr Cole added that he expects to see this change in attacks in two to three years rather than immediately.

“At the moment there are just too many people out there with [Windows] PCs, so that’s a ripe target”, he said. The change in strategy is likely to be delayed by the popularity of Windows XP netbook computers, which “took off like a screaming banshee”.

“We’ve got a lot of Windows PCs out there for a long time”, he said. “In the end it could be mobile phones with good browsers and fat internet connections that usher in the next generation of threats”.

In the meantime, the company has already started moving more of its security tools into web browsers.

“We’re already heading in that direction,” said Mr Cole, citing the intrusion prevention and anti-phishing systems included with Symantec’s security products. The latest versions monitor any web searches conducted by the user, adding warnings to any search results that link to dangerous sites.

The company also discussed its approach to security on Apple computers, which are seen by many as immune to virus attacks. It said it had monitored one recent attack that succeeded in creating a small Mac botnet, although this was never controlled by the attacker. The malicious software installed itself when users downloaded and installed a pirated copy of Apple’s iWork software.

Symantec’s Kevin Haley said that Apple computers were not inherently secure. “It’s got nothing to do with how secure the operating system is”, he told the conference. “If it’s worth someone’s time to get on that operating system, they will.”