Quantcast

PandaLabs Predicts Security Trends for 2011

December 13, 2010

ORLANDO, Fla., Dec. 13, 2010 /PRNewswire/ — PandaLabs, the antimalware laboratory of Panda Security, the Cloud Security Company, has forecasted several radical innovations in cyber-crime for 2011. Hacktivism and cyber-war; more profit-oriented malware; social media; social engineering and malicious codes with the ability to adapt to avoid detection will be the main threats in the coming year. There will also be an increase in the threats to Mac users, new efforts to attack 64-bit systems and zero-day exploits.

Following is a summary of what PandaLabs predicts as the ten major security trends of 2011:


           Malware creation: In 2010, PandaLabs witnessed significant
           growth in the amount of malware and discovered at least 20
           million new strains, more than in 2009. At present, Panda's
           Collective Intelligence database stores a total of more
           than 60 million classified threats. The actual rate of
           growth year-on-year however, appears to have peaked.
           Several years ago it was over 100 percent and in 2010 it
    1.     was 50 percent.

           Cyber war: Stuxnet and the WikiLeaks cables suggesting the
           involvement of the Chinese government in the cyber-attacks
           on Google and other targets have marked a turning point in
           the history of these conflicts. Stuxnet was an attempt to
           interfere with processes in nuclear plants, specifically,
           with uranium centrifuge. Attacks such as these, albeit more
           or less sophisticated, are still ongoing, and will
           undoubtedly increase in 2011, even though many of them will
    2.     go unnoticed by the general public.

           Cyber-protests: Cyber-protests, or hacktivism, are all the
           rage and will continue to grow in frequency. This new
           movement was initiated by the Anonymous group and Operation
           Payback, targeting organizations trying to close the net on
           Internet piracy, and later in support of Julian Assange,
           editor-in-chief of WikiLeaks. Even users with limited
           technical know-how can join in the distributed denial of
    3.     service attacks (DDoS) or spam campaigns.

      Despite hasty attempts in many countries to pass legislation to
       counter this type of activity effectively by criminalizing it,
       PandaLabs believes that in 2011 there will be more cyber-
       protests, organized by this group or others that will begin to
       emerge.

           Social engineering: Cyber-criminals have found social media
           sites to be their perfect working environment, as users are
           even more trusting with these than with other types of
    4.     tools, such as email.

      Throughout 2010, PandaLabs witnessed various attacks that used
       the two most popular social networks -Facebook and Twitter -
       as launching pads. In 2011, not only will hackers continue to
       use these networks, but it is predicted that they will also be
       used more for distributed attacks.

      BlackHat SEO attacks (indexing and positioning of fake websites
       in search engines) will also be widely employed throughout
       2011, as always, taking advantage of hot topics to reach as
       many users as possible. In addition, a significant amount of
       malware will be disguised as plug-ins, media players and other
       similar applications.

           Windows 7 influencing malware development: It will take at
           least two years before there is a proliferation of threats
           designed specifically for Windows 7. In 2010, PandaLabs
           began seeing a shift in this direction, and predicts that
           in 2011, new cases of malware targeting users of this new
    5.     operating system will continue to emerge.

           Mobile phones: In 2011 there will be new attacks on mobile
           phones, but it will not be on a massive scale. Most of the
           existing threats target devices with Symbian, an operating
           system which is now on the wane. Of the emerging systems,
           PandaLabs predicts that the threats for Android will
           increase considerably throughout the year, becoming the
    6.     number one mobile target for cyber-crooks.

           Tablets: The dominance of the iPad will start to be
           challenged by new competitors entering the market.
           Therefore PandaLabs does not believe that tablet PCs will
           become a major consideration for the cyber-criminals in
    7.     2011.

           Mac: Malware for Mac exists, and will continue to exist. And
           as the market share of Mac users continues to grow, the
           number of threats will grow. The greatest concern is the
           number of security holes in the Apple operating system.
           Developers will need to patch these holes as soon as
           possible, as hackers are well aware of the possibilities
    8.     that these vulnerabilities offer for propagating malware.

           HTML5: HTML5 is the perfect target for many types of
           criminals and could eventually replace Flash. It can be run
           by browsers without any plug-ins, making it even more
           attractive to find a security hole that can be exploited to
           attack users regardless of which browser they use.
           PandaLabs expects to see the first attacks on HTML5 in the
    9.     coming months.

           Highly dynamic and encrypted threats: PandaLabs expects
           dynamic and encrypted threats to increase in 2011.
           PandaLabs is receiving more and more encrypted, stealth
           threats designed to connect to a server and update
           themselves before security companies can detect them. There
           are also more threats that target specific users,
           particularly companies, as information stolen from
    10.    businesses will fetch a higher price on the black market.

“The overall picture is not improving. Even though we saw several major arrests that hit hard in the world of cyber-crime in 2010, it is still sadly insufficient when considering the scale of what the current malware landscape is. Profits from this black market amount to millions of dollars, and many criminals operate with impunity thanks to the anonymity of the Internet and numerous legal loopholes,” said Luis Corrons, technical director, PandaLabs. “The economic climate has contributed to the seriousness of the situation: as unemployment grows in numerous countries, many people see this as a low risk opportunity to earn money.”

More information is available in the PandaLabs Blog.

About PandaLabs

Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 63,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com. Follow Panda on Twitter at http://twitter.com/PandaComunica and Facebook at http://www.facebook.com/PandaSecurity.

SOURCE Panda Security


Source: newswire



comments powered by Disqus