1 Security demands on cloud service providers will increase.
Proof-of-concept attacks against cloud infrastructure and virtualized systems will occur in 2011, and diversity of operating systems at the endpoints will force bad guys to focus on critical cloud services and server infrastructures.
2 Mid-sized companies will be cyber-espionage targets
, while targeted and localized attacks will increase against big-name brands and/or critical infrastructure.
3 Cybercrime underground groups will merge and/or join forces.
4 Social engineering will come to the fore
, as cleverly crafted and localized HTML e-mails will contain URLs pointing to an infection source.
5 Malware attacks will be camouflaged
by the use of stolen or legitimate digital certificates. This will be accompanied by growth in the use of complex domain generation algorithms (as used by Conficker and LICAT).
6 Alternative operating systems, programs and Web browsers will increasingly be targeted
, combined with growth in the use of application vulnerabilities (Flash, etc.).
7 Security vendors will increasingly be targeted
by criminals looking to cause confusion and doubt among users.
8 Attacks on mobile devices
will not be widespread, but there will be more proof-of-concept exploits.
9 Some security vendors will hit the capacity limit
of their local malware signature files and will therefore retire old signatures. This will lead to infections from outdated malware.
10 Attacks will target “unpatchable” but widely used legacy systems
, such as Windows 2000, Windows XP SP2 and embedded systems like telecom switchboards.
In our November 2010 issue:
Cybercrime is a global epidemic costing billions of dollars
Security needs an ecosystem of collaboration