Security in 2011: Predictions from the Dark Side

To continue this week's theme of 2011 predictions, it's my turn to have a guess at what we might see appear from the darker, more devious side of the Internet.

I was going to open with a big botnet control prediction, something like the greater good managing to shut down or throttle the spam from a major botnet. But, as you may have already seen, the levels of spam are dramatically down after Rustock, Lethic and Xarvester stopped spewing late last year. But more on that below. On with the show:

  • Spam won't go away: Even with the apparent fall in the spam rate at the end of 2010, this menace will still bother us. Opportunities to buy herbal 'enhancements', wristwatches and the chance to receive an inheritance which has been deposited in the Prudent Trust Bank of London, England (where?) will continue. But.
  • Spam will go away: from our inboxes at least. We'll see a continued drop in the amount of spam we receive to our inboxes. Why? Two reasons really: firstly, the technology protecting those inboxes will improve dramatically, and secondly, because the spammers know this, they will start to invade our blogs, our Twitter streams, and our social networks instead.
  • Adverts or spamverts?: If Google can target ads for you, so can spammers. Try tweeting about a car loan or mortgage and see how many spam tweets you receive back. This will only get worse.
  • There will be at least one significant social breach: We already know that many high-profile sites suffer at the hands of attackers daily. The Gawker Media breach will no doubt be the turning point as attackers look for a larger pile of personal data to plunder.
  • Conspiracies will continue: Conspiracy or not, the release of Stuxnet into the wild demonstrated a very well researched, constructed and targeted threat agent. Stuxnet showed the world that clandestine activity can have an invisible but far-reaching impact and be far more subtle than traditional spy-craft or warfare. I expect that 2011 will see a similar infrastructure integrity attack by a cousin of Stuxnet, which may well have been a noisy proof of concept. Whether the next attack makes the headlines or not depends on the stealth of the coders.
  • Botnets (again): With the demise of the boisterous botnets of yesteryear, a new breed of botnet will emerge, one whose command and control is so distributed that it uses many common mechanisms to communicate and infect. Using services like Twitter as a dead letter box is likely to be the level of deviousness we'll see, and this tactic will be very hard to defeat.
  • Spear Phishing will rise: Specifically targeted attacks against individual organizations will increase. Why? Because the rewards can be so great. In fact, we've already seen a wonderful example of this with the Zeus Trojan downloaded from a fake White House ecard, where numerous government employees were duped into 'clicking the link.' This successful attack demonstrates that social engineering is still the attack vector of least resistance. Educating your users is the best line of defense.

Keep safe out there.
