Top Seven Emerging Security Trends from 2011

Thursday, December 15, 2011



Security services provider IID (Internet Identity) has published their picks for the top seven emerging security trends from 2011.

Issues gaining attention over the past year include the weakening of the digital certificate authorities, surges in malware targeting mobile devices, designer malware, and the rash of corporate network breaches - be they by hacktivists, nation-state supported hackers, or criminal syndicates.

The following is IID's list of security issues that made an impact in 2011:

1. The year of the data breach — From Epsilon to RSA Security SecurID to Sony, we have witnessed criminals concentrating on organizations that house proprietary data for millions of customers. In each case, cyber criminals targeted and attacked these organizations in particular in order to gain access to vital personal information (like email addresses, shopping habits, etc.) that could lead to broader consumer and employee attacks (better known as spear phishing). IID estimates that by the number of reported events, 2011 was likely the worst year ever for data breach incidents, and the forecast does not look any better for 2012.

2. Mobile malware — As was predicted last year, the security industry has tracked a rapid rise of malicious software (malware) for applications, with a trend towards targeting Google’s Android mobile phones. This malware has popped up both on unofficial marketplaces or even with “good” apps becoming infected and repurposed as bad ones. When malware is downloaded onto a phone, criminals can essentially take over that phone and gain access to any information that is shared on it from emails to text messages to bank login information, without the phone’s owner even knowing it.

3. Criminals communicate with social media — As opposed to utilizing secret chat rooms, some cyber crime organizations like LulzSec and Anonymous are boldly using social networking sites to promote and coordinate their efforts. For example, June’s Operation Anti-Security, a joint effort by LulzSec and Anonymous, was advertised on Twitter and involved cyber attacks on the FBI and affiliated agencies.

4. Big busts — Public-private partnerships have resulted in the takedown of numerous online criminal networks. For example, on November 8, the FBI, in partnership with various private sector entities, executed one of the largest coordinated cyber-takedown efforts ever with Operation Ghost Click. The target of this takedown, malware dubbed DNSChanger, is estimated to have infected over 4 million machines in 100 countries. And in September Microsoft took down the Kelihos botnet, a network of private computers infected with malware unknowingly to those computers’ owners. That botnet reportedly consisted of a network of 41,000 infected computers capable of sending billions of spam emails per day.

5. Attacks redirected at registrars — Criminals are publicly stating that foiled cyber attacks have prompted them to turn to targeting the "domain name company," otherwise known as a registrar. For example, in the September hijacking of, and other major Internet properties, cybercriminals targeted their registrars to indirectly hijack the domains. By targeting the registrar, cybercriminals have access to their original target through this extended enterprise connection that is often overlooked. And in the case of a domain hijacking, that means complete control of the targeted organization’s Web presence, email, and Internet-based transactions.

6. Malware with a purpose — Continuing a major trend from 2010, malware is no longer being used just for the thrill of a takeover, or as a means of ripping off credit card numbers. Criminals are purposefully targeting enterprises in order to gain access to proprietary organizational assets. For instance researchers found the “Duqu” Remote Access Trojan was built as a weapon for espionage and targeted attacks against certificate authorities (CAs). By gaining access to these CAs, cyber criminals then have the key to access vital data from enterprises through its infrastructure. Industries previously thought to be insulated from cyber threats, like CAs, have been clearly been caught in the criminal crosshairs.

7. SSL Certificate Flaws Exposed — While there may be nothing wrong with encryption technology itself, the September breach of Netherlands-based CA Diginotar showed that blind trust placed in SSL (secure sockets layer) encryption certificate providers must be examined. The breach showed that even the foremost experts in Internet security can have their proprietary information hijacked just like any other company.

Many of these trends are expected to continue to impact security throughout 2012 and beyond, meaning information security will continue to be a growth industry for the foreseeable future.


Possibly Related Articles:
Security Awareness
SSL Trend breaches malware Botnets Social Media Headlines Hacktivist Law Enforcement Mobile Security Certificate Authority DUQU
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.