Then would like about cyber security trends in 2011? Here are 5 predictions according to Symantec:
1. Important Infrasturuktur So Target Attack, Slow Reacting Government
The attackers seemed to have seen the impact of the threats that attack Stuxnet in industrial control systems industry. Symantec estimates that cyber criminals take a lesson from what Stuxnet.
This is the most significant example to date in terms of a computer virus created specially to change the behavior of the system hardware to produce a physical effect in the real world. Although initially slow, it is estimated the frequency of this type of attack will increase.
The findings of the 2010 Critical Information Infrastructure Protection (CIP) Survey Symantec also menggaungkan this trend because 48% of respondents said they expect to get an attack in the next year and 80% believe that the frequency of such attacks will increase.
"Most of the critical infrastructure providers to give support and really hope to be able to cooperate with their governments in planning for CIP. However, we would not expect much movement on the government side related matters referred to in this year," says Symantec.
2. Zero-Day Vulnerability and Target Very Special
In 2010, Hydraq aka Aurora, provide concrete examples of the target class with a very specific threat that is growing. The threat was trying to infiltrate into a particular organization or a particular type of computer systems by exploiting software vulnerabilities that were previously unknown.
Attackers have used this security hole for years, but when the threat to the very specific target gained momentum in 2011. Symantec predicts, users will see zero-day vulnerabilities appear more in the next 12 months than in the previous year.
The main drivers behind this trend is the nature of the low distribution of malware. Threat with specific targets to focus only on a small number of organizations or individuals in order to steal valuable data or infiltration / access the target system.
By exploiting this fact, the attacker intends to increase their madness and attack their targets in a single attack without being noticed.
3. New IT Security Model
The use of smartphones and tablet continues to grow at a pace that is unprecedented. IDC estimates that by the end of the year, shipments of new mobile devices will increase by 55% and Gartner meproyeksikan that in the same time, 1.2 billion people will use mobile phone with a rich web connectivity capabilities.
When the devices become more sophisticated while only a small portion of mobile platforms that dominate the market, it is inevitable that the attacker will enter the mobile devices in 2011 and that mobile devices will become the main source of loss of confidential data.
Therefore, the spread of this gadget is not showing signs of decline in the years to come, companies will be attracted by the new security model to protect data that is stored and can be accessed through the device.
Moreover, when employees become more mobile and work when you travel, the company also had to overcome various challenges associated with adopting new models, such as security in the cloud, for appropriate solutions that will work seamlessly on many platforms and devices .
4. Triggering Encryption Technology
Explosion in the use of mobile devices in the corporate environment does not only mean that the company will face new challenges in keeping the device and critical data in it easily accessible and safe. But they also must comply with various industry data protection regulations of data protection and privacy.
Despite these regulations, many companies / organizations do not disclose when the device moves that contains important data is lost, as they did with the laptop.
"In fact, employees do not always report the loss of these devices into their company. This year, we predict that regulators will begin to take action against this problem and this will encourage companies / organizations to further enhance the use of encryption technology, especially for mobile devices," Symantec said.
The company is also believed to be a more proactive approach to data protection by adopting encryption technology to meet the standards of compliance with regulations and avoid heavy fines and damage to their brand which is caused by a data breach.
5. Attacks Triggered Political Interests
In the study CIP Symantec, more than half of all companies said they suspect or reasonably believe that they have launched an attack with a specific political purpose.
Previously, these attacks particularly in the area of cyber espionage or attack type of denial-of-service to the Web service. However, with the opening of Pandora's box because Stuxnet, it seems we will see these threats move more than just a game of espionage and interference, because the malware is armed to cause damage in the real world.
Symantec assumes that Stuxnet probably only the first tangible indication of death from the efforts that some people call it a 'cyber war' that has been occurring for some time now.
"In 2011, indications that more clear about the efforts to control the digital arms race which is currently ongoing will come to the surface," added Symantec
Awesome article. It will be interesting to see how security tightens up with the recent Gawker attacks, and the Wikileaks situation.
ReplyDelete