IT Security Predictions For 2011
4:00 PM EST Mon. Dec. 27, 2010
Looking back, 2011 will no doubt be viewed as an unprecedented year in IT, fostering key trends such as the consumerization of IT, the rise of mobile devices, the growing adoption of cloud security and the ubiquitousness of social networking in the workplace. Not surprisingly, the future of IT security in 2011 will be contingent on those trends, with the introduction of new privacy policies, new threats and new efforts to combat cyber crime.
And of course, some things, like spam and blended attacks, will never die, but instead will continue to surprise users with new and more sophisticated iterations.
Here are 10 key security trends that we see coming in 2011. Happy New Year!
Gartner predicts that 2011 will be the year that the number of smartphones and other Internet-ready mobile devices will exceed the number of PCs. And with the explosion of Internet-ready mobile devices being used in the workplace, it stands to reason that mobile malware will experience a similar exponential increase.
Already, the proliferation of mobile devices in the workplace and the lack of secure applications have left gaping holes in security infrastructure, a problem that experts say isn't going to be resolved any time soon.
Researchers at SonicWall maintain that mobile platforms will eventually drive the data leakage problem in light of the widespread adoption of devices such as the iPhone 4, iPad and Droid, resulting in untold expenses, security vulnerabilities and compliance headaches for organizations down the road.
No doubt, attacks are getting smarter, stealthier and more complex. In 2010, malware authors stumped the security community with the creation of Stuxnet, a targeted attack created solely to disrupt nuclear power facilities. As such, security experts predict that in addition to financially driven attacks, cyber criminals will continue to create malware designed to wage wars on governments and multi-national corporations by attacking communications and critical infrastructure.
Meanwhile, Sean-Paul Correll of Panda Security forecasts a continual rise of cyber protests, or political hacktivism, in the form of counter denial of service attacks and Web site defacement. Specifically, the loosely organized hacking group Anonymous will continue its cyber-protest in defense of the WikiLeaks disclosure with a series of DDoS attacks, sparking counter cyber-protests in an all-out battle to shut down Operation Payback.
Shoppers, you're in luck. The year-long IT security spending spree of 2010 will continue into 2011! The recent mega-mergers of Intel and McAfee, HP and ArcSight, and IBM and BigFix all indicate that security is an increasingly attractive, as well as necessary, component of the IT stack.
Driven by the need to cut costs and reduce headcount, customers will increasingly gravitate toward comprehensive solutions and integrated suites, while eventually phasing out expensive point products. As such, more security companies will become prime acquisition targets while VAR consolidation will accelerate.
Mirroring the legitimate economy, Trend Micro also predicts that the cyber underground will continue its path of consolidation, as hacking groups combine knowledge and resources to launch even bigger cyber attacks on seemingly impenetrable targets.
If 2010 was the year that organizations talked about the cloud, 2011 is the year that many will start to put their plans into action.
In an effort to cut costs, many will take the plunge and start migrating their IT infrastructure to the cloud. By year's end, many businesses will be in various stages of adoption with hybrid infrastructures that incorporate a blend of on-premise and cloud-based solutions while larger organizations will invest in private cloud infrastructure.
The introduction of a cloud infrastructure will redefine the security paradigm. Subsequently, solution providers will need to ramp up cloud practices accordingly to meet the increased security challenges created with a complex hybrid or private cloud infrastructure.
But watch out! Cyber criminals will also be watching this trend with great interest in 2011, and subsequently find more ways to attack cloud infrastructure.
Okay, spam will probably never go away. But as more nations build out cyber infrastructure, spam will likely become a lot more ethnically diverse. Symantec Hosted Services predicts that in 2011 English and U.S. targeted spam will actually drop from about 95 percent to below 90 percent.
But don't heave that collective sigh of relief just yet. Portuguese and Spanish will top the list for some of the most popular languages used in spam, and will likely experience a sharp uptick, as more Latin American countries develop Internet infrastructure and give their citizens increased access to the Web.
In addition, regional markets such as Germany and China will experience a significant increase in language-targeted spam, while spam output overall is expected to increase from European countries.
In 2011, almost everything will get bigger, including botnet infections. Researchers at Fortinet predict that botnet owners will deploy new and increasingly sophisticated attack mechanisms to ensure guaranteed infection rates that will lead to greater cash flow.
But wait! In response to the anticipated skyrocketing infection rates, there will be a surge in global collaborative takedowns. Yes, that means more countries and organizations will actually work together.
The concept isn't completely unprecedented. Thus far, successful examples include the Conficker Working Group, the FBI-initiated Operation Bot Roast and the joint initiative leading to the Waledac takedown, as well as recent international efforts to bust the Mariposa, Pushdo, Zeus, and Bredolab botnets.
So far, this method seems to work. As such, expect to see more collaborative action to take down the biggest botnets in 2011.
The demise of the network perimeter, the rise of virtualization and cloud computing and the proliferation of mobile devices in the workplace will almost inevitably bring a host of new compliance regulations designed to address the changing IT environment.
2010 paved the way for improving the nation's security standard, with the introduction of the National Identity Plan for improving online privacy, as well as the proposed U.S. Cyber Security Bill to better prepare the nation in the event of a cyber attack. Meanwhile, existing regulations such as PCI and HIPAA will likely gain traction and become more detailed in order to adequately protect data and address the growing number of security threats.
The abundance of new and increasingly stringent policies and regulations will likely drive encryption and DLP technologies while providing solution providers new opportunities to build out consulting practices and provide pre-auditing services to customers.
A recent Microsoft study revealed that the number of Java exploits has skyrocketed in recent months due, in part, to lack of awareness and difficulty in applying Java updates. And the rising success rate has not gone unnoticed by hackers. True to form, cyber criminals will increasingly exploit existing flaws in vulnerable, but less frequently patched, applications.
Researchers at Webroot predict that in addition to the typical office applications, malware authors will continue to focus on programs such as Adobe Reader and Flash, browsers and browser plug-ins, as well as often overlooked programs such as Java, AutoCAD, media players and graphic design tools. Until these companies get on top of their patch management process with regularly scheduled updates, these applications will continue to be prime targets for hackers looking for the low-hanging fruit.
No doubt, social networking puts the "social" in social engineering scams. Continuing the upward trend, cyber attackers will continue to launch sophisticated and legitimate-looking socially engineered attacks on social networking sites.
Why? In general, users have a higher degree of trust and lowered skepticism for social networks, particularly Facebook and Twitter, often thinking that these platforms are private and secure. As such, researchers at Panda Security predict that cyber criminals will increasingly rely on social platforms to launch distributed attacks that exploit implicit trust on these sites.
Like prior attacks, many will spoof profile pages of users' contact lists, and then embed malicious links or entice victims to open malware-laden images or video files. Until social networking users start regularly following best security practices on these sites, those pesky worms and Trojans will be here to stay throughout the year.
Like most people, cyber criminals go with what works. And nothing seems to work better than a brilliant blended threat, combining an SEO attack, rapidly spreading data-stealing malware and a little bit of social engineering on the side. Of course, next year's crop of threats will have to be bigger and more resilient than ever before. Experts say that users can expect to see a spike in dynamic and encrypted threats that are increasingly resistant to security technologies.
Meanwhile, researchers at Websense contend that cyber criminals will continue to launch convincing SEO attacks exploiting world news and high-profile events, enticing users to click on infected links by positioning malicious sites high on the Google search pages.
In addition, rogue AV and malicious e-mails that contain data-stealing components will not experience a slowdown any time soon either.