Targeted cyber attacks set to grow in 2011, says Symantec

Targeted attacks, social networking threats, mobile device security and the use of attack toolkits are top trends to watch in 2011, says IT management firm Symantec.

Targeted attacks, social networking threats, mobile device security and the use of attack toolkits are top trends to watch in 2011, says IT management firm Symantec.

Stuxnet highlighted targeted attacks in 2010, but its influence will be felt in malware attacks to come, according to the latest Symantec Internet Security Threat Report.

Stuxnet teaches future attackers that the easiest vulnerability to exploit is trust in colleagues because it would not have worked without someone being given trusted access with a USB key, the report says.

The important thing to note from 2010 is that targeted attacks were not confined to large multinational companies and government agencies, but included a surprising number of smaller organisations, says Sian John, distinguished engineer at Symantec.

Computer Weekly Special Report on Symantec . Click to download (requires registration)

Users install their own software

Pressure to reduce helpdesk calls has led to more companies allowing users to install software on their PCs, says John, but targeted attacks show the need for technologies to enable organisations to manage and control this centrally.

Attacks are also becoming increasingly stealthy, with many targeted attacks using zero-day vulnerabilities to break into computers systems, she says.

Social media vulnerabilities

Social media is another key area businesses need to manage through clear policies and control technologies, says Sian John, as an increasing number of employees turn to these communication channels of both professional and personal use.

One of the main attack techniques involved the use of shortened URLs in 2010, when attackers used millions of these links to trick victims into phishing and malware attacks, says the report.

"These attacks exploit the implied web of trust around social media, with shortened URLs accounting for 65% of malicious links in news feeds in 2010," said John.

Mobile platforms draw hackers' attention

The major mobile platforms are becoming widespread enough to get the attention of attackers. Symantec expects attacks on these platforms to increase, with the number of mobile operating system vulnerabilities increasing 42% in 2010.

Attack toolkits, that can be used by novices and experts alike to launch widespread attacks on networks, continued to be a basic tool for cybercriminals in 2010, and Symantec expects this trend to continue, says John.

These kits increasingly target vulnerabilities in the popular Java platform, accounting for 17% of vulnerabilities affecting browser plug-ins in 2010.

Inevitably, some of the more than 6,000 vulnerabilities discovered in 2010 will find their way into attack kits sold in the underground economy, says the report.

Secure your SCADA architecture by separating networks >>


Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.