As we reach the final month of the year, it's time to reflect on the year gone by and look ahead to what the next year might hold.

So here's a look at what 2011 holds in store for security - with a little help from some outside sources.

Precision attacks

Malware attacks in general have already evolved over the years from a napalm, carpet-bombing approach designed for maximum disruption and notoriety to attacks focused on remaining undetected and stealing money or identity information (in order to steal money in most cases). That evolution is continuing, though, with even more precise attacks.

A MessageLabs blog explains: "One of the most threatening advances in malware during 2010 broadened the range of targets beyond PCs and servers when the Stuxnet Trojan attacked programmable logic controllers. This specialised malware written to exploit physical infrastructures will continue in 2011 driven by the huge sums of money available to criminal enterprises at low risk of prosecution."

2010 saw the Stuxnet worm, apparently developed specifically with the goal of compromising Iranian nuclear reactor functionality, and the attack launched against Google (and a number of other companies), seemingly orchestrated by the government of China if the WikiLeaks documents are accurate. Malware attacks are now a tool for both corporate and government espionage, giving IT admins one more thing to worry about.

Ripped from the headlines

Social engineering is all about catching users off guard and luring them into clicking on malicious links or sharing sensitive information. It is common for attackers to exploit breaking news as malware bait. Events like the World Cup or the BP oil spill in the Gulf of Mexico are popular topics that generate broad interest. Headline news often becomes the bait for malicious spam and phishing attacks, duping unsuspecting victims.

Attackers have a new way to exploit current events, though, and that trend will continue in 2011. Malware developers have figured out how to game search engines to get malicious links featured prominently in search results. MessageLabs suggests that in 2011 rather than "just promoting compromised websites through search engine optimisation they will proactively identify websites likely to see higher than normal levels of traffic based on current events or hot topics on the internet".

Beware the web

Attackers figured out long ago that the web is the easiest way into most networks. Firewalls are designed to restrict unauthorised traffic, and generally block network activity on virtually all ports - except port 80. The web is so commonly used that attacks travelling through port 80 are much less likely to be detected.

Now, the web is not only commonly used as the web, but increasingly it is becoming the everything. Web-based email and productivity applications, and cloud storage are part of the mainstream now, making the web an even more attractive target.

A spokesperson from Palo Alto Networks describes how current trends increase the security concern. "Consolidation of various messaging platforms (chat, social media, email) into web services (Gmail, Facebook etc) will increase - making it an attractive target for hackers who want to break into the corporate network."
