Stuxnet-like cyber attacks will prove a top trend in 2011, say experts

Cyber attacks on computer control (SCADA) systems for critical infrastructure will maintain momentum into 2011, according to security experts.

Cyber attacks on computer control (SCADA) systems for critical infrastructure will maintain momentum into 2011, according to security experts.

The purpose of such attacks is likely to be more for ransom or extortion purposes than espionage or sabotage, said David Harley, senior research fellow at security firm ESET.

"This means SCADA facilities will have to improve their security procedures wherever possible," he said.

According to David Harley, this will be painful and will take a lot of time where such sites are driven by cost and administration issues, rather than security.

"The fact that many of these systems never go off line, because no redundancy was built into the facility, have security implications far beyond malware and OS or application patching," Harley said.

Although there will be more attacks such as Stuxnet targeting critical infrastructure, such as government and military systems, the attacks will remain rare because hackers need to be very well resourced to build a virus of this magnitude, said Joona Airamo, chief information security officer at Stonesoft.

"Stuxnet was made up of four zero-day vulnerabilities and the one used also by the Conficker worm. Its complexity and the expense of developing the virus both point in the direction of it being a government sponsored attack," Joona Airamo said.

It takes a range of expertise, resources and sheer man-hours to pull off something as sophisticated as Stuxnet, said Harley.

Although it is unlikely that the entire black-hat community will unite to attack hard targets when there are easier targets, a wide range of malware families "borrow" attack methods from Stuxnet, he said.

"These don't have the ambition and innovation or the sophistication of Stuxnet or Zeus - this is just the bad guys adding an approach that seems to work for other attackers. The next big attack will probably be significantly different to Stuxnet, but it will come," he said.

Malware for mobile devices is widely expected to increase in 2011, particularly for the Apple mobile operating system as it becomes more commonly used, said Airamo.

Inevitability, as the smartphone continues to become the primary home computer, said Harley, it will continue to attract the attention of the maliciously minded.

This will be much less about malware and more focused on social engineering, he said, with attacks such as vishing, smishing and luring victims into paying for useless or actively malicious apps becoming more common.

"As with mainstream computing platforms, the target will be the credit card or banking account, rather than the hardware or operating system," said Harley.

The Boonana Trojan Horse, which affected social networking sites in November, is a clear indication of where things are likely to go, he said.

The virus was spread through Facebook and used social engineering to direct users to a fake YouTube page and tricked them into watching an infected video.

"Social engineering is without doubt going to be a major problem for everyone in 2011," said Harley.

Airamo also predicts a rise in targeted social engineering attacks in which criminals undertake thorough investigations of people in order to penetrate corporate networks for significant financial gain.

"This will hopefully result in organisations taking more time to educate staff on cybercrime, but maybe not. After all, the human factor has long been the weak link in the security chain," he said.

There will be an increase in the number of malware-related attacks through social networking sites like Facebook and Twitter in 2011, said Airamo, with a single attack affecting thousands or even millions of people.

"Hackers will use malware that copies a user's address book and sends out malicious e-mails or files to all their friends. Just like the old e-mail scams, the malicious file will look like it has been sent from the initial target so recipients will trust the source," he said.

Harley predicts that botnets will continue to be a major problem, as will fake advertising campaigns and self-launching malware exploiting the .LNK vulnerability on unpatched Microsoft systems.

Read more on Hackers and cybercrime prevention