Trend Micro's 2011 threat predictions highlight an increase in malware attacks, particularly through web channels and targeted attacks on mid-sized companies. Significant concerns include the evolution of the cybercrime underground, clever malware campaigns utilizing social engineering, and vulnerabilities in both legacy systems and alternative operating systems. As mobile device threats emerge and security vendors become targets, the landscape of cybersecurity is expected to evolve dramatically.

1. Trend Micro Threat Predictions for 2011Classification 12/16/20101

2. Threats TodayClassification 12/16/20102FACT #1:More than 80% of Today’s Top Malware Arrives via Web1FACT #2:3.5 new threats every second are released by cybercriminals21 – source TrendLabs data Apr – Sept 20102 – source Trend Micro Smart Protection Network

3. The Power of Trend Micro Smart Protection Network60 billion queries every 24 hoursBlocks 5.5 billion threats dailyProcesses 3.2 terabytes of data dailyAn average 102 million users connected to the network each dayClassification 12/16/20103

4. Prediction #1 – Cloud-related issuesSecurity Demands on cloud service providers will increase Proof of concept attacks against cloud infrastructure and virtualized systems will emerge in 2011 Diversity of Operating Systems at the endpoints forces the bad guys to focus more on critical cloud services and server infrastructuresClassification 12/16/20104

5. Prediction #2 – Targeted Attacks and Cyber-EspionageMid-sized companies will be targeted in cyber-espionage Easy-to-use underground toolkits enable targeted attacks on particular types of organizationZeuS primarily targeted small businesses in 2010Growth of targeted and localized attacks will continue both against big name brands and/or critical infrastructure Classification 12/16/20105

6. Prediction #3 – The Cybercrime Underground EvolutionFurther consolidation in the cybercrime undergroundGroups merge and/or join forces as global, public attention for cyber attacks growsExample: ZeuS / SpyEyeClassification 12/16/20106

7. Prediction #4 – Clever Malware CampaigningIt’s all about social engineering. Fewer infiltrated websites, more cleverly crafted and localized HTML e-mails with URL’s pointing to the infection sourceMalware campaigning will ensure fast and reliable spreading of the downloader The downloader then downloads randomly generated binaries to avoid detectionClassification 12/16/20107

8. Prediction #5 – Malware AttacksIncreasing use of stolen or legitimate digital certificates in malware attacks, to avoid detectionHuge growth in use of complex domain generation algorithms (as used by Conficker & LICAT) in Advanced Persistent Threats, and increase in Java-based attacksClassification 12/16/20108

9. Prediction #6 – Focus for Vulnerabilities and ExploitsGrowth in exploits for alternative operating systems, programs and web browsers, combined with tremendous growth in the use of application vulnerabilities (Flash, etc)Classification 12/16/20109

10. Prediction #7 – Security Vendors Become TargetsSecurity vendors’ brands will increasingly be targeted by criminalsResult: Confusion and insecurity among usersClassification 12/16/201010

11. Prediction #8 – Mobile RisksMore proof of concept, and some successful attacks on mobile devices, but not yet mainstreamCybercriminals will explore profitability of mobile device attacks, but monoculture is required before such attacks become mainstreamClassification 12/16/201011

12. Prediction #9 – Old Malware ReinfectionsSome security vendors will run into trouble with local signatures not being able to store all the threat informationThey will retire old signatures which will lead to infections with old/outdated malwareClassification 12/16/201012

13. Prediction #10 – Vulnerable Legacy SystemsTargeted attacks on “unpatchable” (but widely used) legacy systemsWindows 2000/Windows XP SP2 Embedded systems like Telecom switchboards etc. Classification 12/16/201013

14. THANK YOU!Classification 12/16/201014