For Hackers, 2011 Looks Like A Prosperous New Year

If you're an attacker, the new year is a target-rich environment. Here are five areas where you should shore up your defenses
4. The exposure of sensitive information via WikiLeaks will shine a new light on the potential for insider data leaks
"Look for WikiLeaks to expand well beyond simply embarrassing governments and begin releasing data that will cause harm to big business reputations as well," says Paul Henry, a security analyst at Lumension. "With the pressure put on employees -- and the ill feeling many hold against employers in these tough economic times -- WikiLeaks could become first choice for releasing tension."

While some experts suggest that WikiLeaks could be a boon for data leak prevention (DLP) technology in 2011, Andrew Jaquith, CTO of Perimeter eSecurity and a former industry analyst, notes that DLP wouldn't have prevented the WikiLeaks data breaches. "Tools like DLP that inspect content are fine for filtering 'toxic data' like credit card numbers, but less effective for controlling the spread of secrets," he says. "Traffic monitoring and regular privilege reviews would have been more effective."

5. Politics will join money as a key motivator for attacks in 2011.
In 2010, the industry saw rapid growth of politically motivated distributed denial of service (DDoS) attacks, such as Operation Payback, which sought retribution against sites that were critical of the WikiLeaks organization. "Traditional political hacktivism attempts have been conducted by small, well coordinated groups," notes security vendor Zscaler in its 2011 predictions blog. "But now, we find ourselves in an era where complete strangers can quickly organize, coordinate and attack -- and do so with relative anonymity. Welcome to the world of flash mob hacktivism!"

Nation-states will also launch more cyberattacks in 2011, says Amichai Shulman, CTO of database security vendor Imperva. "Nation-sponsored hacking -- specifically-targeted cyberattacks -- will incorporate concepts and techniques from the commercial hacker industry," Shulman says. "These campaigns will contain a different malware payload than the traditional attacks conducted for monetary gain. However, these attacks will use similar techniques. These advanced persistent threat [APT] attacks will borrow techniques, such as automation and viral distribution, making them all the more powerful and potentially more successful."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading