Threat predictions 2011

More than 80% of Today’s Top Malware Arrives via Web. And Security Demands on cloud service providers will increase. See the rest of Trend Micro's predictions for 2011.

Published in: Technology

  • 60 billion queries every 24 hours. Blocks 5.5 billion threats daily. Processes 3.2 terabytes of data daily. An average 102 million users connected to the network each day.
  • Thanks to easy-to-use underground toolkits, mid-sized companies will be targeted in cyber-espionage.  In 2010, the use of underground toolkits exploded, making it easier to target particular types of organizations.  ZeuS primarily targeted small businesses in 2010.  Moving forward, localized and targeted attacks are expected to continue to grow in their number and sophistication both against big name brands and/or critical infrastructure.  
  • Cybercriminals will explore profitability of mobile device attacks, but monoculture is required before such attacks become mainstream

    1. Trend Micro Threat Predictions for 2011
       • Classification 12/16/2010
    2. Threats Today
       • FACT #1: More than 80% of Today’s Top Malware Arrives via Web [1]
       • FACT #2: 3.5 new threats every second are released by cybercriminals [2]
       • [1] Source: TrendLabs data, Apr – Sept 2010
       • [2] Source: Trend Micro Smart Protection Network
    3. The Power of Trend Micro Smart Protection Network
       • 60 billion queries every 24 hours
       • Blocks 5.5 billion threats daily
       • Processes 3.2 terabytes of data daily
       • An average 102 million users connected to the network each day
    4. Prediction #1 – Cloud-related issues
       • Security Demands on cloud service providers will increase
       • Proof of concept attacks against cloud infrastructure and virtualized systems will emerge in 2011
       • Diversity of Operating Systems at the endpoints forces the bad guys to focus more on critical cloud services and server infrastructures
    5. Prediction #2 – Targeted Attacks and Cyber-Espionage
       • Mid-sized companies will be targeted in cyber-espionage
       • Easy-to-use underground toolkits enable targeted attacks on particular types of organization
       • ZeuS primarily targeted small businesses in 2010
       • Growth of targeted and localized attacks will continue both against big name brands and/or critical infrastructure
    6. Prediction #3 – The Cybercrime Underground Evolution
       • Further consolidation in the cybercrime underground
       • Groups merge and/or join forces as global, public attention for cyber attacks grows
       • Example: ZeuS / SpyEye
    7. Prediction #4 – Clever Malware Campaigning
       • It’s all about social engineering.
       • Fewer infiltrated websites, more cleverly crafted and localized HTML e-mails with URLs pointing to the infection source
       • Malware campaigning will ensure fast and reliable spreading of the downloader
       • The downloader then downloads randomly generated binaries to avoid detection
    8. Prediction #5 – Malware Attacks
       • Increasing use of stolen or legitimate digital certificates in malware attacks, to avoid detection
       • Huge growth in use of complex domain generation algorithms (as used by Conficker & LICAT) in Advanced Persistent Threats, and increase in Java-based attacks
    9. Prediction #6 – Focus for Vulnerabilities and Exploits
       • Growth in exploits for alternative operating systems, programs and web browsers, combined with tremendous growth in the use of application vulnerabilities (Flash, etc.)
    10. Prediction #7 – Security Vendors Become Targets
       • Security vendors’ brands will increasingly be targeted by criminals
       • Result: Confusion and insecurity among users
    11. Prediction #8 – Mobile Risks
       • More proof of concept, and some successful attacks on mobile devices, but not yet mainstream
       • Cybercriminals will explore profitability of mobile device attacks, but monoculture is required before such attacks become mainstream
    12. Prediction #9 – Old Malware Reinfections
       • Some security vendors will run into trouble with local signatures not being able to store all the threat information
       • They will retire old signatures which will lead to infections with old/outdated malware
    13. Prediction #10 – Vulnerable Legacy Systems
       • Targeted attacks on “unpatchable” (but widely used) legacy systems
       • Windows 2000/Windows XP SP2
       • Embedded systems like Telecom switchboards etc.
    14. THANK YOU!
