Targeted attacks set to blow up in 2011

Targeted attacks set to blow up in 2011

Symantec says targeted attacks will spike this year, following 2010 where Stuxnet set a new precedent.

Businesses have been warned about more targeted attacks coming in 2011, as cyber criminals build on their successes from 2010.

Last year saw the likes of Stuxnet and Hydraq set a precedent for targeted attacks, using zero-day vulnerabilities to penetrate systems, a Symantec report noted.

This year will only see more of these attacks, where employees are targeted by spear phishing emails and cyber criminals go after specific kinds of corporate data, the security giant claimed.

Sian John, distinguished engineer at Symantec, said Stuxnet proved “there is no such thing as something that is not a target.”

“For us it is a move towards looking at any file that comes on a system, don’t assume that it’s good,” John said.

“Let’s look at building a reputation around it, let’s look at what the file is actually doing… But at the same time look at what you are actually doing on a system, so once you have installed a file, let me just check what that system is doing – is it trying to bypass things, is it trying to open up backdoors?”

The report came following various targeted attacks on both the public and private sector this year.

In particular, Advanced Persistent Threats (APTs) emerged as something the security industry and enterprises needed to look at seriously, John said.

The security arm of EMC, RSA, was recently hit by an APT, as data on the firm’s token product SecurID went missing.

Symantec said the increasing prevalence of zero-day vulnerabilities and rootkits was partly responsible for the rise of targeted attacks.

In 2010, a total of 14 new zero-day flaws were discovered in a number of widely used applications, such as Adobe Flash Player and Internet Explorer.

Hackers will increasingly adopt rootkit exploits into targeted attacks too, Symantec said.

More generally, the security giant saw 286 million new threats appear last year, as well as a 93 per cent in rise in web attacks over 2009.

Making money from mobile malware

Meanwhile, mobile attacks will start bringing in profit for hackers in 2011, according to Symantec, as the level of threats rise.

Symantec spotted 163 vulnerabilities in mobile device operating systems in 2010, compared to 115 in 2009.

Up until now, however, attacks have mainly come through trojanised third-party applications, which have only dialled or texted premium rate numbers from the phone.

This is still not as profitable as stealing online banking credentials and carrying out credit card fraud, Symantec noted.

“As people start to do more financial transactions over mobiles, we expect to see more activity,” John said.

“In the next year, mobile attacks will get more sophisticated.”

Symantec said it expects to see more PC-like attacks hit smartphones - such as phishing - as cyber criminals decide to stick with tried and tested methods.

This article originally appeared at itpro.co.uk

Source: Copyright © ITPro, Dennis Publishing

See more about:  targeted  |  attacks  |  set  |  blow  |  2011
 
 

Readers of this article also read...

Should you upgrade your iPhone to iOS 6? 

Should you upgrade your iPhone to iOS 6?

 
Apple invites go out for September 12th event – iPhone 5 incoming 

Apple invites go out for September 12th event – iPhone 5 incoming

 
Photos: Google's Project Glass 

Photos: Google's Project Glass

 
In Pictures: (Almost) Live from Mars 

In Pictures: (Almost) Live from Mars

 
Telstra lures 4G users with a pre-paid hotspot 

Telstra lures 4G users with a pre-paid hotspot

 

Latest Comments

Latest Poll

What PC component are you planning to upgrade in the next six months










Ads by Google

From our Partners

PC & Tech Authority Downloads