2010 predictions: Security

The issue of cyber attacks will move up the national security agenda

The security landscape is a complex, multi-layered one that changes more subtly and indefinitely than the seasons. It is therefore hard to predict security trends with any degree of certainty. That said, by looking back at the security developments of the past year and talking to security experts, we believe we have come up with a list of key trends that any IT leader worth his or her salt would be wise to keep an eye out for in 2010.

Spam, botnets, social networks - the threats continue
As the heavyweight botnets such as Cutwail and Rustock gain access to greater bandwidth with more homes becoming broadband-enabled, spam levels are likely to further increase, according to MessageLabs' senior analyst Paul Wood.

The increasing difficulty in tracking down the command and control channels of botnets will also mean no let-up in the proliferation of malware on the horizon. Meanwhile, the increased availability of specialised criminal toolkits online will make it easier to create, distribute and use spam and malware than ever before, said MessageLabs.

Although social networks will continue their efforts to fight back by launching more built-in tools to scan content and links for malware, there will be no let-up in the attempts by cybercriminals to infect machines and mine personal data via these channels.

Year of DNSSec
Domain Name Systems Security Extensions (DNSSec), the specifications that use public key cryptography to boost the security of the internet's underlying layer, have been around for a while, but widespread deployment has so far proved elusive. However, according to Rodney Joffe, senior technologist at NeuStar and director of the Conficker Working Group, 2010 is likely to see the technology come of age.

"Together with IPv6, it will catapult the DNS to the front of everyone's thoughts," he predicted. The VeriSign .com registry has already announced that it is set for a massive rollout of the security extensions on its .com and .net domains, which it expects will be completed by early 2011. DNS server vendor Nominum, meanwhile, recently launched a new hosted service designed to simplify the rollout of such technology.

Malware writers go after intellectual property
We could also see malware writers increasingly eschewing customer credit card information in favour of other, more valuable, credentials such as intellectual property or financial information, according to Matt Moynahan, president of code scanning firm Veracode.

"All data has a currency attached to it," he said. "How much would you pay for Coke's secret formula, for example? Quite a lot if you're Pepsi."

NeuStar's Joffe added that this kind of industrial espionage has already been seen this year with the theft of 7TB of F-35 jet fighter documents from a Federal subcontractor.

Data loss prevention becomes a must-have technology
The popularity of social networking sites, first among users and then hackers, is leaving many organisations exposed to the threat of malware and data loss, and could mean that firms have to take tough decisions next year about whether to grant access to these sites or put in place other measures.

"This may be the year of data loss prevention on a large scale. We are already being asked as a company to give advice in that area, which means people are taking it very seriously," said Joffe.

Mobile malware
It may be a perennial warning at this time of year, but the computing power, connectivity and ubiquity of smartphones have made them very attractive targets for cyber criminals. As MessageLabs' Paul Wood noted, we have already seen the first worm for the iPhone in the wild, spreading on jailbroken phones.

"Only now are we seeing smartphones become a viable replacement for traditional endpoints, so as users do more everyday business on these phones they will become the focus of more attacks," he said. "The predictions are that by 2012 Android devices will overtake the iPhone, so this is another area we need to watch out for."

More vendor consolidation?
A trend that can be witnessed across the whole of the IT sector, vendor consolidation and the consolidation of product sets offered by these vendors is particularly noticeable in the security space, and this will continue in 2010, according to Ovum analyst Graham Titterington.

"People are wanting to buy from fewer suppliers and are looking for integrated suites. This will strengthen the position of the big vendors and weaken the mid-sized ones," he said. "It may mean the response from Symantec and McAfee is to stop selling pure anti-virus and move more into trying to sell bigger suites of products."

Overwhelmed by patches?
With Microsoft, Oracle, Cisco and seemingly most of all the big name software vendors now releasing regular security updates, you can expect to see increasing pressure from enterprises on their software suppliers to spread the patch burden over time, according to VeriSign's managed security services business iDefense. The firm's manager, Eli Jellenc, argued that "we can expect some sort of decentralised informal initiative" to persuade vendors to arrange their regular patch updates at different times of the month.

Cyber security industry shifts to the public sector
One of the most dramatic shifts in the information security industry next year will be the ascendancy of government and its agencies, as effective cyber security becomes an essential part of every national security strategy, according to iDefense's Jellenc.

"They've been instrumental actors for some time now but as of next year they'll be the dominant figures in terms of spending, new institutions being built, manpower increases, new regulatory authorities, and so on," he said. " The implications are enormous but they're still taking shape – we expect a dramatic increase in government interactions with their own individual private sectors based on national cyber security imperatives."