Cyberwar And Smartphones Top Threats For 2011

Government cyber attacks and smartphone vulnerabilities top Imperva’s list of security risks for 2011

Security firm Imperva has compiled a list of the top ten security trends for 2011, with government hacking and smartphone attacks topping the stack.

The security firm highlighted that government-sponsored cyber attacks will become more sophisticated, building on techniques learnt from the the commercial hacker industry, such as automation and viral distribution. Attacks such as the infamous Stuxnet worm are likely to become more common, with hackers aiming to gain control of critical infrastructure.

Meanwhile, cyber security will increasingly become a business process, with CISOs and security professionals needing to become experts in enterprise data protection, according to Imperva. As security researchers become better at unearthing less diligent criminals, the hacker community will consolidate into a few, more powerful cyber-crime organisations.

Imperva gave the example of the cyber-crime ring that used the Zeus Trojan to steal $70 million from US banks and £6 million from UK accounts. Many of the ring leaders were arrested in September this year, following a year-long investigation that included the infiltration of hackers’ servers by security researchers.

Smartphone threats and MitB attacks

The proliferation of smartphones in both the consumer and enterprise markets is also likely to lead to new threats, with organisations struggling to maintain traditional data and application security practices. According to Imperva, the creation of new applications for each device platform could cause older vulnerabilities to surface once again.

Organisations will need to become more rigorous about securing the devices on their network and implementing tools and procedures such as anti-malware, encryption, and authentication.

One new threat raised by Imperva’s report is the use of “Man in the Browser” (MitB) attacks, which result in the user’s web browser being infected by a Trojan with the ability to modify content or insert additional transactions. The security firm claims that more online service providers will be taking responsibility for protecting their customers against these MitB attacks, rather than leaving consumers to deal with it them themselves.

Other trends identified by Imperva include the increased prominence of insider threats – as regulations force organisations to become more transparent – as well as improvements in the security of social networks, data files and the cloud, and the convergence of data security and privacy regulation worldwide.

The complete findings of Imperva’s report are laid out in this white paper.