Fortinet: Job outlook improving for cybercrooks

Next year will see more cybercrooks hiring people to help create and deploy botnets, which will likely trigger further cooperation in security community to shut down malware at its source.

Lance Whitney Contributing Writer

Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.

See full bio

Lance Whitney

Dec. 13, 2010 3:06 p.m. PT

2 min read

Cybercriminals are likely to find more jobs next year, one of five top trends forecast by security vendor Fortinet.

In an ironic twist in the job market, more positions will open up for developers who can write customized malware packers, people who can break CAPTCHA codes, and distributors who can spread malicious code, according to Fortinet.

And though cybercrooks have typically deployed their own botnets themselves, Fortinet believes this job will increasingly be farmed out to middlemen, citing the Alureon and Hiloti botnets as two examples of malware distributed this way. Money mules responsible for wiring funds and cashing checks will also need to be replaced as always.

In another trend predicted for next year, cybercriminals are expected to rely more on using existing source code to create new and slightly different strains of malware. Since similar malware today already appears under different names and aliases, this growing trend is likely to further confuse the meaning of names assigned by various security vendors.

The bad guys may end up fighting more amongst themselves as different botnets battle for spots on the same systems. The more control a certain botnet can have and the longer it can stay resident, the greater the cash flow, says Fortinet. Already, certain malware includes "bot killers," designed to eliminate competing bots found on the same machines. As a result, malware writers will increasingly need to keep their infections quiet and discrete and avoid impacting or crashing the machines on which they run.

In another trend cited by Fortinet for 2011, cybercriminals will likely try harder to crack into 64-bit systems, which have traditionally posed a challenge as a result of their tighter security technologies. The Alureon rootkit evolved into a 64-bit variant this year, leading Fortinet to predict more 64-bit rookits on the agenda for 2011.

And what about the response from the security community? That may be the one potential bright spot amidst all the dire malware warnings.

Already, certain countries and groups have worked together to take down known botnets and purveyors of malware, with one example being the Conficker Working Group, which came together in 2009 to fight that particular virus. The effects of some takedowns have been short-lived as the bad guys were able to regroup fairly quickly. But Fortinet cites the Zeus takedown this year as a positive example and a foreshadowing of things to come if the right people can team up collectively to shut down malware at its source.