Top 10 Security Threats for 2011
1. Malware creation: In 2010, our industry witnessed significant growth in the amount of malware and discovered at least 20 million new strains, more than in 2009. At present, IC3 database stores a total of more than 60 million classified threats. The actual rate of growth year-on-year however, appears to have peaked. Several years ago it was over 100 percent and in 2010 it was 50 percent, so 2011 looks to be busy but not as busy as it could be if the older trend still held sway.
2. Cyber war: Stuxnet and the WikiLeaks cables suggesting the involvement of the Chinese government in the cyber-attacks on Google and other targets have marked a turning point in the history of these conflicts. Stuxnet was an attempt to interfere with processes in nuclear plants, specifically, with uranium centrifuge. Attacks such as these, albeit more or less sophisticated, are still ongoing, and will undoubtedly increase in 2011, even though many of them will go unnoticed by the general public.
3. Hacktivism: Cyber-protests , or hacktivism, are all the rage and will continue to grow in frequency. This new movement was initiated by the Anonymous group and Operation Payback, targeting organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns.
Despite hasty attempts in many countries to pass legislation to counter this type of activity effectively by criminalizing it, we believe that in 2011 there will be more cyber-protests, organized by this group or others that will begin to emerge.
4. Social engineering: Cyber-criminals have found social media sites to be their perfect working environment, as users are even more trusting with these than with other types of tools, such as email. Throughout 2010, various attacks used the two most popular social networks — Facebook and Twitter — as launching pads. In 2011, not only will hackers continue to use these networks, but it is predicted that they will also be used more for distributed attacks.
6. Smartphones: In 2011 there will be new attacks on mobile phones, but it will not be on a massive scale. Most of the existing threats target devices with Symbian, an operating system which is now on the wane. Of the emerging systems, we predict that the threats for Android will increase considerably throughout the year, becoming the number one mobile target for cyber-crooks.
7. Tablets: The dominance of the iPad will only start to be challenged by new competitors entering the market. Therefore, we do not believe that tablet PCs will become a major consideration for the cyber-criminals in 2011.
8. Mac: Malware for Mac exists, and will continue to exist. As the market share of Mac users continues to grow, the number of threats will grow. The greatest concern is the number of security holes in the Apple operating system. Developers will need to patch these holes as soon as possible, as hackers are well aware of the possibilities that these vulnerabilities offer for propagating malware.
9. HTML5: HTML5 is the perfect target for many types of criminals and could eventually replace Flash. It can be run by browsers without any plug-ins, making it even more attractive to find a security hole that can be exploited to attack users regardless of which browser they use.
10. Highly dynamic and encrypted threats: Expected are dynamic and encrypted threats to increase in 2011. Monitoring services are receiving more and more encrypted, stealth threats designed to connect to a server and update themselves before security companies can detect them.
There are also more threats that target specific users, particularly companies, as information stolen from businesses will fetch a higher price on the black market.
Pass this on to your IT people and perhaps we can begin to line up the sandbags to an effective level.
As always, be safe.
To all of our wonderful readers, we’d like to thank you for your loyalty, feedback and support, which makes us even more excited about the upgrades we have in store for you in 2011.
A happy, healthy and prosperous New Year to you and yours.
- Cyber attack: A very modern theatre of war – The IT men whose mission is to rescue the world from cyberterrorists (dailymail.co.uk)
- 2011: The Year of Malware Attacks — TrustDefender Predictions for Year Ahead (prweb.com)