TMCnet News

Web-based 'stealth attacks' on network security will dominate 2011, says Redscan
[December 21, 2010]

Dec 21, 2010 (M2 PRESSWIRE via COMTEX) -- Viruses will become more subtle and even harder to detect in 2011, and the primary line of attack will continue to be via the internet, according to managed security services company Redscan. Malware is now designed to 'hide' undetected on infected systems, ever more subtly and ever more difficult to detect.



Never has it been more important to scan networks for installed malware, and maintain security updates and patches to prevent attacks.

The web will continue to facilitate the delivery of malware, according to Redscan's internet security analyst, Simon Heron: "The internet is the most attractive channel of attack. It provides so many options to infect systems. While we all know of cases where an infected mobile or USB device has been used on a corporate network - such as Conficker and Stuxnet - it is a slower approach to infection and requires a degree of patience. The real problem is hackers taking advantage of poor programming on a website, and installing malware that attempts to infect visitors. In many cases, website builders do not include security in their design philosophy, which so often leads to flaws that can be exploited."

Other trends identified by Redscan for 2011 include:

Sophistication of social engineering attacks. Events such as the royal wedding in 2011 will undoubtedly prove too tempting for cyber-criminals, who will use smarter social engineering techniques to dupe victims.

Financial application targeting. Viruses such as Zeus and URLzone have shown the possibilities for criminals to target financial applications. URLzone is particularly concerning as it acts as a 'man in the middle', able to circumvent two-factor authentication by relaying false information back to users. It is likely that this Trojan, or something similar to it, will be developed to target more banks in the coming year.

Growth in the use of DDoS as a political or extortion tool. The botnet 'Darkness' - emerging as a successor to the botnets 'Illusion' and 'BlackEnergy' - reportedly can be hired out for $50 for 24 hours, and used specifically to target financial institutions. December 2010 saw supporters of WikiLeaks founder Julian Assange volunteering their computers to a botnet; and tough economic and political times mean this trend is likely to continue into 2011.

Firewall security. Despite the erosion of the perimeter, firewall security remains the single most important defence for the corporate network, and requires good practice to ensure correct usage. Bad configuration and routing, or out-of-date software, provide the most common entry points for hackers, and yet are the most easily put right.

The increased 'socialisation' of the web, leading to increased data privacy issues. As social networks like Facebook and Twitter continue to grow, so too does the risk of personal data becoming increasingly insecure, making ID theft easier. In addition, as these sites are increasingly used for business, there is a risk of confidential commercial information being unintentionally shared as users trust the security of sites whose primary focus is not the security of that data but rather the dissemination of information.

Shifting of the network perimeter and increased threat of infiltration from mobile devices. Although the number of mobile viruses is still relatively low (and likely to remain so in 2011), the potential for mobile devices to infiltrate the network is increasing, as smartphones and tablets are integrated with desktop computers to back up information.

VOIP vulnerabilities. The take-up of VOIP brings with it associated security issues. Simple precautions can be taken to avoid such breaches (see here for a detailed guide to securing VOIP).

"Increased usage of the Internet naturally sees an increase in the number of the possible avenues of attack. IT managers must invest in best practice in 2011", says Simon Heron. "The vast majority of security breaches can be mitigated against by good internal processes. Change control procedures are particularly important. If a change is made, is it vetted by another, is it made by someone qualified to do it, is the change traceable? Can the company see exactly what has been changed, can the change be rolled back? And does the IT department monitor equipment regularly to ensure it's working correctly? Most security issues are caused by human error, and this is the biggest vulnerability that hackers exploit."

For more information on security issues, see Redscan's website, visit Simon Heron's blog, or follow him on Twitter.

About Redscan

Redscan Ltd provides a modular managed security solution, tailored to suit individual company requirements, which can be delivered either on premises through Customer Premises Equipment (CPE) or in the cloud. All security updates are included in the managed service. For more information on this and other security issues, see www.redscan.com, visit the blog at http://blog.redscan.com, or follow Redscan on Twitter @Redscan_ltd.

Further press information from: Kate Hartley, Carrot Communications, Tel: 0771 406 5223, [email protected]

(M2 Communications disclaims all liability for information provided within M2 PressWIRE. Data supplied by named party/parties. Further information on M2 PressWIRE can be obtained at http://www.presswire.net on the world wide web. Inquiries to [email protected].)
