More than 80% of Today’s Top Malware Arrives via Web. More than 80% of Today’s Top Malware Arrives via Web. And
Security Demands on cloud service providers will increase. See the rest of Trend Micro's predictions for 2011.
2. Threats Today Classification 12/16/2010 2 FACT #1: More than 80% of Today’s Top Malware Arrives via Web1 FACT #2: 3.5 new threats every second are released by cybercriminals2 1 – source TrendLabs data Apr – Sept 2010 2 – source Trend Micro Smart Protection Network
3. The Power of Trend Micro Smart Protection Network 60 billion queries every 24 hours Blocks 5.5 billion threats daily Processes 3.2 terabytes of data daily An average 102 million users connected to the network each day Classification 12/16/2010 3
4. Prediction #1 – Cloud-related issues Security Demands on cloud service providers will increase Proof of concept attacks against cloud infrastructure and virtualized systems will emerge in 2011 Diversity of Operating Systems at the endpoints forces the bad guys to focus more on critical cloud services and server infrastructures Classification 12/16/2010 4
5. Prediction #2 – Targeted Attacks and Cyber-Espionage Mid-sized companies will be targeted in cyber-espionage Easy-to-use underground toolkits enable targeted attacks on particular types of organization ZeuS primarily targeted small businesses in 2010 Growth of targeted and localized attacks will continue both against big name brands and/or critical infrastructure Classification 12/16/2010 5
6. Prediction #3 – The Cybercrime Underground Evolution Further consolidation in the cybercrime underground Groups merge and/or join forces as global, public attention for cyber attacks grows Example: ZeuS / SpyEye Classification 12/16/2010 6
7. Prediction #4 – Clever Malware Campaigning It’s all about social engineering. Fewer infiltrated websites, more cleverly crafted and localized HTML e-mails with URL’s pointing to the infection source Malware campaigning will ensure fast and reliable spreading of the downloader The downloader then downloads randomly generated binaries to avoid detection Classification 12/16/2010 7
8. Prediction #5 – Malware Attacks Increasing use of stolen or legitimate digital certificates in malware attacks, to avoid detection Huge growth in use of complex domain generation algorithms (as used by Conficker & LICAT) in Advanced Persistent Threats, and increase in Java-based attacks Classification 12/16/2010 8
9. Prediction #6 – Focus for Vulnerabilities and Exploits Growth in exploits for alternative operating systems, programs and web browsers, combined with tremendous growth in the use of application vulnerabilities (Flash, etc) Classification 12/16/2010 9
10. Prediction #7 – Security Vendors Become Targets Security vendors’ brands will increasingly be targeted by criminals Result: Confusion and insecurity among users Classification 12/16/2010 10
11. Prediction #8 – Mobile Risks More proof of concept, and some successful attacks on mobile devices, but not yet mainstream Cybercriminals will explore profitability of mobile device attacks, but monoculture is required before such attacks become mainstream Classification 12/16/2010 11
12. Prediction #9 – Old Malware Reinfections Some security vendors will run into trouble with local signatures not being able to store all the threat information They will retire old signatures which will lead to infections with old/outdated malware Classification 12/16/2010 12
13. Prediction #10 – Vulnerable Legacy Systems Targeted attacks on “unpatchable” (but widely used) legacy systems Windows 2000/Windows XP SP2 Embedded systems like Telecom switchboards etc. Classification 12/16/2010 13
60 billion queries every 24 hoursBlocks 5.5 billion threats dailyProcesses 3.2 terabytes of data dailyAn average 102 million users connected to the network each day
Thanks to easy-to-use underground toolkits, mid-sized companies will be targeted in cyber-espionage. In 2010, the use of underground toolkits exploded, making it easier to target particular types of organizations. ZeuS primarily targeted small businesses in 2010. Moving forward, localized and targeted attacks are expected to continue to grow in their number and sophistication both against big name brands and/or critical infrastructure.
Cybercriminals will explore profitability of mobile device attacks, but monoculture is required before such attacks become mainstream