Botnets and attacks on pervasive devices and social networks rank among the biggest information security threats expected next year, according to the Georgia Tech Information Security Center.
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full photo gallery)
What will be the biggest information security threats in 2011? "Further proliferation and sophistication of botnets, attacks on pervasive devices and social networking and the impact of cyber security issues on physical systems." So says the new Georgia Tech Information Security Center (GTISC) 2011 Emerging Cyber Threats Report, released Friday.
The report aims to help researchers think up new ways to combat emerging problems in advance. "Traditional cyber security has been largely reactive in nature," said Mustaque Ahamad, director of GTISC.
Unfortunately, the good guys have their work cut out for them. Botnets, as ever, remain a large concern, because of their increasing automation and sophistication, not to mention scale. Indeed, botnets collectively generate 95% of the world's spam and have infected an estimated 100 million computers. That makes defending against botnets difficult, and it's not getting easier.
Also in 2011, expect online threats to increasingly target critical infrastructure. "As physical systems become more information-driven, the kind of attacks we have seen in other areas will show up here as well," said Ahamad.
Another significant security concern will be attacks on pervasive devices and social networks. According to Patrick Traynor, assistant professor at Georgia Tech's School of Computer Science, "while more than 1.5 billion people use the Internet daily, over 4.5 billion use a cell phone every day, creating an attractive target for cyber criminals." Furthermore, expect the number of cell phone users to double or triple by 2020, he said.
As the number of smartphones -- running numerous third-party applications, some of which may behave in unexpected ways -- rises, so too do the potential ways in which these devices can be attacked.
"Attackers are notorious for going where people are -- and people are on their phone, using apps around Facebook, Twitter, LinkedIn or dating sites," said Matt Jonkman, CEO of Emerging Threats, "What's worse is the size of attacks is increasing. In the past, there'd be a spam run, on a smaller scale, that was changed frequently. Now, attackers can go out with a large-scale run on one major, popular platform, because people will respond quickly, making the attack very effective."
Google in the Enterprise SurveyThere's no doubt Google has made headway into businesses: Just 28 percent discourage or ban use of its productivity products, and 69 percent cite Google Apps' good or excellent mobility. But progress could still stall: 59 percent of nonusers distrust the security of Google's cloud. Its data privacy is an open question, and 37 percent worry about integration.