Privacy, Hacktivists, Insider Threats: Security Predictions for 2011

by Brian Prince

In the past few weeks, the Federal Trade Commission, Department of Commerce and consumer privacy groups have talked about the best way to protect user privacy online when regarding tracking by online advertisers. In 2011, this is going to continue to be an issue, with legislation coming from Washington, D.C.

Enterprises will continue to embrace cloud computing in 2011 as cloud providers and security vendors alike offer technology to ensure secure access and data protection.

Ask the folks at Google or other popular Web search engines, and they’ll say attackers abusing search engines to lure users to malicious sites is an ongoing problem. Researchers at Websense think this trend will touch Facebook in 2011, with attackers manipulating search algorithms to trick users into visiting fake brand and celebrity pages riddled with malware.

Between WikiLeaks and the growth in insider threats chronicled by Verizon’s annual data breach report, it’s clear that insider threats will continue to be an attack vector. Companies will need to find a way to better deal with these problems. Rather than be reactive, businesses may take to profiling employees based on behavior and other risk factors, such as whether the person is about to be laid off.

2010 saw some very big acquisitions, such as Intel’s move to buy McAfee. The buying spree will continue in 2011, with cloud and virtualization security technologies being hot commodities.

The consumerization of IT is forcing businesses to grapple with how best to manage a plethora of smartphone devices. As the devices grow more plentiful in the workplace and market leaders emerge, the more popular smartphones can expect to get increased attention from attackers.

Stuxnet was one of the dominant malware stories of 2010. The coming year will see continued attacks targeting critical infrastructure companies, such as the energy and utility industries, whether the goal is to steal data or commit sabotage.

As the WikiLeaks controversy morphed into denial-of-service attacks against both the site and sites belonging to the companies that cut ties with it, hacktivists became the focus of the media and law enforcement. As a result, there recently have been in a handful of arrests in the Netherlands by Dutch authorities. As hacktivist protests continue on the Web, authorities will increasingly hunt down attackers—though this will not slow the activity of their comrades.