Targeted Attacks, Hacktivism, Mobile Malware Major 2011 Security Trends

Targeted attacks, hacktivist campaigns and the rise of mobile malware were just a handful of security news that dominated 2011's headlines.

2011 was a momentous year in many aspects for the security industry, with high profile cyber-attacks and data breaches, but also a year in which many of the incidents evoked a sense of d??«j??í vu amongst industry observers.

"2011 was the Year of the Hack," Harry Sverdlove, CTO of Bit9, told eWEEK.

There was an "unprecedented rise" in targeted attacks, and while some were very sophisticated, others employed crude, yet effective, methods, according to Sverdlove.

The breach against RSA Security was an example of how sophisticated attackers have become when it comes to stealing intellectual property. The attackers managed to breach one of the foremost security companies in the world by combining social engineering with a zero-day vulnerability embedded in an Excel spreadsheet.

Simply by sending an email with a malicious attachment to recruiters and staff members in the RSA Human Resources department, attackers walked off with information relating to the SecurID two-factor authentication technology used by major government agencies and large corporations to secure their networks.

Sony was an example of how organizations that hadn't paid attention to security were suddenly faced with a high price tag and brand damage after a data breach. Under the cover of a distributed denial-of-service attack, adversaries managed to breach Sony's online systems and stole more than 100 million user records. Subsequent reports highlighted numerous security issues that Sony neglected to address.

Organizations realized that there is no such thing as being too big or too small to be safe from cyber-attacks and data breaches. Operation Night Dragon was a coordinated and wide-scale attack on several petroleum and energy companies, and the Nitro campaign targeted at least 48 companies within the chemical and defense industries. Operation Shady RAT targeted over 70 organizations using the same command and control server.

Experts have been predicting attacks against critical infrastructure for almost a decade, and in 2011, people started paying attention. The White House outlined its proposal on how best to secure critical infrastructure such as power grids and public utilities, as well as chemical, gas, oil and energy plants.

The proposal named the Department of Homeland Security as the agency in charge of coordinating the efforts. In the second half of 2011, the Duqu Trojan revived worries of the new generation of Stuxnet-style malware capable of manipulating industrial process control software used in many industries to damage critical industrial and utility infrastructures.