Security threats in 2011 - what should you prepare for?
Stonesoft predicts security themes evolve around Stuxnet, social engineering and
advanced evasion techniques
Helsinki, January 12, 2011 - While it's time for industry heads to reflect back
on what has been and forecast what is yet to come, the IT security industry is
no different. As many security companies have listed the most significant
milestones in the world of data security in the previous year, Stonesoft, an
innovative provider of integrated network security and business continuity
solutions, reveals what organizations should prepare for in 2011.
"As with any year in cyber security, there will undoubtedly be many unwelcome
surprises", says Joona Airamo, chief information security officer at Stonesoft.
"The bearing themes in 2010 were definitely Stuxnet, social engineering attacks
and advanced evasion techniques, and I am pretty confident that the threats of
2011 will evolve around these themes as well", Airamo continues.
With over 20 years of experience in network security, here's what Stonesoft
predicts:
1. As the Apple OS becomes more commonly used, there will be a nasty worm or
virus which is going to target it specifically.
2. There will be an increase in the number of malware related attacks through
social networking sites like Facebook and Twitter, with a single attack
affecting thousands (or even millions) of people. Hackers will use malware
that copies a user's address book and sends out malicious emails/files to
all their friends. Just like the old email scams, the malicious file will
look like it has been sent from the initial target so recipients will trust
the source.
3. We can expect to see more "information warfare"-type attacks on nation
states. The political motivation in the attacks will increase, even though
the attacks with a financial motivation will clearly remain dominative.
4. There will be a rise in targeted 'social engineering' attacks. Sophisticated
hackers will undertake thorough investigations of people in order to
penetrate corporate networks for significant financial gain. This will
hopefully result in organizations taking more time to educate staff on
cyber-crime, but maybe not. After all, the human factor has long been the
weak link in the security chain.
5. We will see more attacks like Stuxnet. The target will be critical
infrastructure, such as government and military systems. The attacks will
remain rare because hackers need to be very well resourced in order to build
a virus of this magnitude. Stuxnet was made up of four zero-day
vulnerabilities and the one used also by the Conficker worm. Its complexity
and the expense of developing the virus both point in the direction of it
being a government sponsored attack.
6. The smartphone is set to become a more prominent target for hackers. The
amount of smartphones sold in 2011 will get closer to the amount of sold
PCs.
7. Hackers will be even more promiscuous in quickly spreading viruses far and
wide. They will try to improve their "return of investment" by making sure
no vulnerability is left unused and by utilising the full window of
opportunity when the security patches are not yet installed.
8. Stonesoft's recent discovery of Advanded Evasion Techniques (AETs) means
that the whole IPS (Intrusion Prevention System) vendor community will have
to unite in order to build sufficient protection to mitigate against this
new method of attack.
For information on how to protect against these threats please visit
www.stonesoft.com or contact your security vendor.
For more details, please contact:
Joona Airamo
Chief Information Security Officer
Stonesoft Corporation
Tel. +358 9 476 711
E-mail: joona.airamo(AT)stonesoft.com
About Stonesoft
Stonesoft Corporation (NASDAQ OMX: SFT1V) is an innovative provider of
integrated network security solutions to secure the information flow of
distributed organizations. Stonesoft customers include enterprises with growing
business needs requiring advanced network security and always-on business
connectivity.
StoneGate(TM) Secure Connectivity Solution unifies firewall, VPN, IPS and SSL
VPN blending network security, end-to-end availability and award-winning load
balancing into a unified and centrally managed system. The key benefits of the
StoneGate solution include low TCO, excellent price-performance ratio and high
ROI. The StoneGate Virtual Security Solutions protect the network and ensure
business continuity in both virtual and physical network environments.
StoneGate Management Center provides unified management for StoneGate Firewall
with VPN, IPS and SSL VPN. StoneGate Firewall and IPS work together to provide
intelligent defense all over the enterprise network while StoneGate SSL VPN
provides enhanced security for mobile and remote use.
Founded in 1990, Stonesoft Corporation is a global company with corporate
headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia.
For more information, visit www.stonesoft.com, www.antievasion.com and the
corporate blog http://stoneblog.stonesoft.com.
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Stonesoft Oyj via Thomson Reuters ONE
[HUG#1479105]