The 2011 Threatscape

by msecadm4921

What are going to be the biggest threats? What threats can we expect to see more of? And will the Stuxnet superbug – as it has recently been referred to – really be the new weapon of choice for cyber insurgents? Here, David Harley, Senior Research Fellow at antivirus software provider ESET, predicts eight IT security trends that are set for the threatscape in 2011.

1. The Boonana Trojan Horse which affected social networking sites in November is a clear indication of where things are likely to go. The virus was spread through Facebook and used social engineering to direct users to a fake YouTube page and trick them into watching an infected video. Social engineering is without doubt going to be a major problem for everyone in 2011.
2. We can expect to see more cross-platform threats using OS-independent vectors like Java (again, Boonana is instructive). Windows will remain the main target because it has by far the most users. And while there won’t be a big shift towards specific targeting of other operating systems, as more people start using them, there will be increased interest in finding weaknesses.
3. Botnets will continue to be a major problem. However, more people will realise that smaller low-profile botnets will pose as big a threat as the big-name ones, which are monitored closely by security researchers. This could result in the botnets being abandoned by their creators.
4. Malware will continue to infect through the usual channels by tricking the victim into clicking on something ugly. However, there will be larger ‘malvertising’ campaigns, where individuals will click on advertisements from ‘fake’ companies. It is also to be expected that unpleasant self-launching surprises like the .LNK vulnerability, which was spread via network shares and file-synchronisation systems, will hit our radar from time to time, possibly long after the bad guys have discovered them.
5. Inevitably, as the smartphone continues its relentless march towards being the primary “home computer”, it will continue to attract the attention of the maliciously-minded. This will be much less about malware and more focused on people-hacking – which will (as always) be profitable. Attacks such as vishing and smishing, and luring victims into paying for useless or actively malicious apps, will become more common. As with “mainstream” computing platforms, the target will be the credit card or banking account, rather than the hardware or operating system.
6. The Stuxnet virus, while not quite the superbug sometimes suggested, is pretty complex. It takes a range of expertise, resources and sheer man-hours to pull off something that sophisticated, and it is unlikely that the entire black hat community will unite in tiger teams to attack hard targets when there’s lower-hanging fruit around. However, we’ve already seen a wide range of malware families “borrow” vulnerabilities from Stuxnet. These don’t have the ambition and innovation or the sophistication of Stuxnet or Zeus – this is just the bad guys adding an approach that seems to work for other attackers. The next big attack will probably be significantly different to Stuxnet, but it will come.
7. There will be more targeting of SCADA facilities for ransom/extortion purposes as well as, or even rather than, out-and-out espionage/sabotage. This means SCADA facilities will have to improve their security procedures wherever possible. This will be painful and will take a lot of time where such sites are more driven by cost and administration issues than by an urgent sense of security. The fact that many of these systems never go off line because no redundancy was built into the facility has security implications far beyond malware and OS or application patching.
8. There will be ongoing debate over anti-malware testing: while it’s increasingly accepted that dynamic testing is a better representation than static testing of the current threat landscape as it affects AV users in real life, the jury is still out on the ways in which to implement it effectively and accurately. Testers and researchers within the Anti Malware Testing Standards Organisation will continue to play a prominent part in attempting to establish appropriate guidance, but some controversy is inevitable.

© 2024 Professional Security Magazine. All rights reserved.