Botnets and attacks on pervasive devices and social networks rank among the biggest information security threats expected next year, according to the Georgia Tech Information Security Center.
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full photo gallery)
What will be the biggest information security threats in 2011? "Further proliferation and sophistication of botnets, attacks on pervasive devices and social networking and the impact of cyber security issues on physical systems." So says the new Georgia Tech Information Security Center (GTISC) 2011 Emerging Cyber Threats Report, released Friday.
The report aims to help researchers think up new ways to combat emerging problems in advance. "Traditional cyber security has been largely reactive in nature," said Mustaque Ahamad, director of GTISC.
Unfortunately, the good guys have their work cut out for them. Botnets, as ever, remain a large concern, because of their increasing automation and sophistication, not to mention scale. Indeed, botnets collectively generate 95% of the world's spam and have infected an estimated 100 million computers. That makes defending against botnets difficult, and it's not getting easier.
Also in 2011, expect online threats to increasingly target critical infrastructure. "As physical systems become more information-driven, the kind of attacks we have seen in other areas will show up here as well," said Ahamad.
Another significant security concern will be attacks on pervasive devices and social networks. According to Patrick Traynor, assistant professor at Georgia Tech's School of Computer Science, "while more than 1.5 billion people use the Internet daily, over 4.5 billion use a cell phone every day, creating an attractive target for cyber criminals." Furthermore, expect the number of cell phone users to double or triple by 2020, he said.
As the number of smartphones -- running numerous third-party applications, some of which may behave in unexpected ways -- rises, so too do the potential ways in which these devices can be attacked.
"Attackers are notorious for going where people are -- and people are on their phone, using apps around Facebook, Twitter, LinkedIn or dating sites," said Matt Jonkman, CEO of Emerging Threats, "What's worse is the size of attacks is increasing. In the past, there'd be a spam run, on a smaller scale, that was changed frequently. Now, attackers can go out with a large-scale run on one major, popular platform, because people will respond quickly, making the attack very effective."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.