Security predictions for 2011

Last year was one of the most eventful in the information security space for quite some time. It can seem a daunting task securing your organisation in the face of such threats, but a proactive approach has always been the best means of defence. With this in mind V3.co.uk spoke to some key security experts to bring you the major trends to look out for in 2011.

Socially engineered malware campaigns
This year, we're likely to see fewer drive-by-malware attacks targeting legitimate sites and more email-borne malware campaigns using social engineering to trick users into clicking on malicious links or attachments.

According to Trend Micro chief technology officer Raimund Genes, this is because drive-by-download style attacks are not measurable enough for the cyber criminals. Put simply, with this kind of attack the bad guys never know actually how many victims are going to visit the site in question, or for how long the malicious code is up there undetected. A malicious spam campaign, though, can be monitored and tweaked to reap the maximum return.

The ready availability of easy-to-use toolkits on the black market will lead to a mushrooming of email-borne threats in 2011 aimed at all sizes of organisation, said Trend, and targeted and highly localised emails will become very common.

Cyber warfare
If 2010 can be summed up for anything it is the year that cyber warfare, or state-sponsored hacking at least, went mainstream. Now that the world's media has its gaze fully trained on such attacks, it is likely that we'll hear of many more in 2011, although worryingly it's still likely that the majority will go unnoticed.

With various high-profile figures such as GCHQ's Iain Lobban warning of the risk from state-sponsored attacks, and the revelation that Chinese authorities were involved in the Google hacks, it is certainly a trend set to continue into 2011.

Hacktivism
This is another issue that dominated 2010, in particular the past month or so with various WikiLeaks-related DDoS attacks. Hactivism is nothing new but is set to become widespread in 2011.

The means to launch DDoS and other attacks on a web property of choice is now democratised like never before, allowing virtually anyone to get involved.

This obviously presents yet another area of risk to the IT security chief, although what is perhaps more concerning is the voluntary botnets created by members of the Anonymous web group.

With such movements likely to grow in the face of grim economic conditions, firms and especially big name brands need to keep a watchful eye on what the internet opinion says about them.