Panda announces 10 trends for cyber security in 2011 2010-12-15
Panda Security this week released a list of 10 trends for IT security in 2011, indicating, inter alia, that the hacktivism, and cyber warfare will be the themes highlighted during the next year.
"Once again we observed our crystal ball and put together the top ten trends in IT security during the year 2011 'jokes Corrons, technical director of PandaLabs.
According to the list, the growth rate of new malware 'slows down, although still providing for some 20 million of new species' and the social engineering and exploitation of social networks to distribute malware dynamic encrypted and will be' the main trends in the coming years. "
Moreover, the malware designed for mobile phones and tablet PCs' still will not be worrying "and there will be more malware for Mac and 64bit systems, and targeted attacks.
See the full list below:
1. Creation of malware. In 2010 we observed a significant increase in malware, a fact mentioned in the past year. This year we created more than 20 million new species, more than in 2009. Currently, the database Panda's Collective Intelligence, houses a total of more than 60 million classified threats. However the annual growth rate appears to have reached its peak: a few years ago was over 100%. In 2010 was 50%. Observe closely what will happen during 2011.
2. Cyber-war. The Stuxnet and disclosures of Wikileaks, suggesting the involvement of government in the Chinese cyber-attacks on Google and other targets, marked a turning point in the history of these conflicts. In the cyber-war, unlike the current conflicts in the real world, there are groups of easily identifiable uniformed military to which side they belong. It's like a guerrilla struggle, impossible to distinguish who attack and from where. The only possible thing to realize is the objective.
The case of Stuxnet was clearly an attempt to interfere with certain processes in place at nuclear power plants, particularly the enrichment of uranium. Other attacks of this kind, more or less sophisticated, are still under way right now, and no doubt will increase during 2011, although many go unnoticed to the general public.
3. Cyber-protests. Undoubtedly the biggest news in 2010. The cyber-protest, or hacktivism, came to stay. This new movement was initiated by the group "Anonymous" in his "Operation Payback," initially targeted to organizations with anti-piracy measures into practice, and later in supporting Julian Assange, author of the controversial Wikileaks. Even users with very limited technical knowledge, can easily participate in denial of service (DDoS) attacks or spam campaigns.
Despite the attempts of some countries to push through legislation that allows combat this type of activity through their criminality, we believe that 2011 will continue to occur in many cyber-protest, organized by this group or others that may arise. The Internet is increasingly important in our lives, by providing a channel represents enormous freedom of expression and anonymity, at least for now, so no doubt we will see more examples of this kind of civil protest.
4. Social engineering. There is a saying that "humans are the only species that stumbles twice on the same stone." In many cases it will certainly be true, and the best example is the continuing use of social engineering to infect unwary users. Cyber-criminals have discovered that social networks, in particular, are the perfect environment to "work", since users are generally more confident in this environment than with other types of tools such as e-mail.
Throughout 2010 we witnessed several attacks that used the two most popular social networks, Facebook and Twitter, as platforms for their release. In 2011, we anticipate not only that hackers continue to exploit these resources, how to increase their use to distribute more attacks.
Additionally, the attacks of BlackHat SEO, which index and ranked among the fake websites highlight results of research on search engines will be widely exploited in 2011, as always drawing on themes in vogue in order to reach as many users as possible .
With the continuous expansion of all types of multimedia content (photos, videos, etc..), There will be a significant volume of malware disguised as plugins, codecs, media players and other similar applications. This does not mean that other methods have disappeared, such as PowerPoint presentations that usually pass between friends and acquaintances, but the numerous education and awareness for safety taught users to be more cautious with this type of applications.
As the ingenuity seems to increase with the crisis, and unfortunately are becoming less necessary technical knowledge to participate in the world of cyber-crime, we will further proliferate and persuasive methods to deceive innocent users: romantic deals online fake job ads, scams of increasing sophistication, phishing attacks, not only banks but also the payment platforms, online shops, etc..
In short, now more than ever, common sense is one of the most important defensive tools to ensure that we secure online, even though this is often the least common of senses.
5. Windows 7 influences the development of malware. As we mentioned last year, will take at least two years before we see a proliferation of threats designed specifically for Windows 7. In 2010 we have started to see a change in this direction and believe that in 2011 will continue to see new cases of malware targeted at users of this new operating system.
6. Mobile. The eternal question: when is that malware for mobile phones will be in their prime? In principle further attacks will occur in 2011, but not on a massive scale. Most current threats is directed to devices with Symbian operating system with a tendency to disappear. Of the various operating systems in vogue, we anticipate that the number of threats to Android increase considerably over the years, becoming a prime target for the creators of such threats.
7. Tablets? The domain iPad this field will be challenged by new competitors. However, apart from possible attacks trial, we do not believe that the tablet PC's will gain the attention of cyber-criminal community in 2011.
8. Mac The Mac malware exists and will persist. And as the market share of these systems continue to grow, the volume of threats developed for them will increase. The biggest concern relates to the number of security flaws affecting Apple's operating systems, so hopefully that will be corrected quickly, as hackers are aware of the possibilities they offer to distribute malware vulnerabilities.
9. HTML5. May prove to be a substitute for Flash, HTML 5 is the perfect target for many criminals. The fact that it can be executed by Web browsers without any plug-ins makes it even more attractive, for there may be potential security holes being exploited to attack users regardless of browser they use. Certainly we will witness the first attacks in the coming months.
10. Threats and dynamic encryption. This is something we have seen emerge over the past two years, and we anticipate continuing to increase in 2011. The development of financially motivated malware, the use of social engineering or the existence of silent threats created to act without the victim realizing it, are not new. However, in our anti-malware laboratory received specimens from increasingly stealthy and encrypted malware, designed to connect to a server to update before security firms detect these. There are more threats targeted to specific users, in particular companies, since the stolen information on a business activity will achieve higher prices on the black market.