Tan Yuh Woei, Country Manager, Singapore, Symantec, wrote to us recently, telling of the most significant developments his information security organisation expects the world will see this year. Tan referenced data from the Symantec Security Response blogs (an online community of the vendor’s top infosecurity specialists, at www.symantec.com/business/security_response/weblog/index.jsp) in his note. See the expurgated text below.
These are our top Internet security predictions for 2011.
1 Critical Infrastructure Will Come Increasingly Under Attack and Service Providers Will Respond, but Governments Will Be Slow to React.
Attackers have likely been watching the impact that the Stuxnet threat had on industries using industrial control systems and are learning from it. We expect them to take the lessons learned from Stuxnet–the most significant example to date of a computer virus designed expressly to modify the behaviour of hardware systems to create a physical, real-world impact–and launch additional attacks targeting critical infrastructure over the course of 2011. Though slower to start, expect the frequency of these types of attacks to increase.
Findings from Symantec’s 2010 Critical Information Infrastructure Protection (CIP) Survey (bit.ly/bka8UF) also echo this trend, as 48 percent of respondents said they expect to come under attack in the next year and 80 percent believe the frequency of such attacks is increasing. With such a high level of awareness, expect to see these providers move forward with cybersecurity precautions to survive such attacks. In addition, the majority of critical infrastructure providers are supportive of and more than willing to cooperate with their government in CIP initiatives. However, we do not expect to see a lot of movement in this regard from governments this year.
2 Zero-Day Vulnerabilities Will Become More Common as Highly Targeted Threats Increase in Frequency and Impact.
In 2010, Hydraq, a.k.a. Aurora, provided a high-profile example of a growing class of highly targeted threats seeking to infiltrate either specific organisations or a particular type of computer system by leveraging previously unknown software vulnerabilities. Attackers have been using such security holes for many years, but as these highly targeted threats gain momentum in 2011, plan to witness more zero-day vulnerabilities coming to light in the next 12 months than in any previous year.
The key driver behind this trend is the low-distribution nature of such malware. Targeted threats focus on just a handful of organisations or individuals with the goal of stealing highly valuable data or otherwise infiltrating the targeted system. Exploiting this fact, attackers aim to improve their odds and hit their target on the first try without getting caught.