Web-based stealth attacks on network security will dominate 2011

Viruses will become more subtle and even harder to detect in 2011, and the primary line of attack will continue to be via the internet, according to Redscan.

Malware is now designed to hide on infected systems, ever more subtly and ever more difficult to detect. Never has it been more important to scan networks for installed malware and to maintain security updates and patches to prevent attacks.

The web will continue to facilitate the delivery of malware, according to Redscan’s internet security analyst, Simon Heron: “The internet is the most attractive channel of attack. It provides so many options to infect systems. While we all know of cases where an infected mobile or USB device has been used on a corporate network – such as Conficker and Stuxnet – it is a slower approach to infection and requires a degree of patience. The real problem is hackers taking advantage of poor programming on a website, and installing malware that attempts to infect visitors. In many cases, website builders do not include security in their design philosophy, which so often leads to flaws that can be exploited.”

Other trends identified by Redscan for 2011 include:

Sophistication of social engineering attacks. Events such as the royal wedding in 2011 will undoubtedly prove too tempting for cyber-criminals, using smarter social engineering techniques to dupe victims.

Financial application targeting. Viruses such as Zeus and URLzone have shown the possibilities for criminals to target financial applications. URLzone is particularly concerning as it acts as a “man in the middle”, able to circumvent two-factor authentication by relaying false information back to users. It is likely that this Trojan, or something similar to it, will be developed to target more banks in the coming year.

Growth in the use of DDoS as a political or extortion tool. The botnet “Darkness” – emerging as a successor to the botnets “Illusion” and “BlackEnergy” – reportedly can be hired out for $50 for 24 hours, and used specifically to target financial institutions. December 2010 saw supporters of Wikileaks founder Julian Assange volunteering their computers to a botnet; and tough economic and political times mean this trend is likely to continue into 2011.

Firewall security. Despite the erosion of the perimeter, firewall security remains the single most important defence for the corporate network, and requires good practice to ensure correct usage. Bad configuration and routing, or out-of-date software, provide the most common entry points to hackers, and yet are the most easily put right.

The increased socialization of the web, leading to increased data privacy issues. As social networks like Facebook and Twitter continue to grow, so too does the risk of personal data becoming increasingly insecure, making ID theft easier. In addition, as these sites are increasingly used for business, there is a risk of confidential commercial information being unintentionally shared, as users trust the security of sites whose primary focus is not the security of that data but rather the dissemination of information.

Shifting of the network perimeter and increased threat of infiltration from mobile devices. Although the number of mobile viruses is still relatively low (and likely to remain so in 2011), the potential for mobile devices to infiltrate the network is increasing, as smartphones and tablets are integrated with desktop computers to back up information.

VOIP vulnerabilities. The take-up of VOIP brings with it associated security issues. Simple precautions can be taken to avoid such breaches (see here for a detailed guide to securing VOIP).
