December 17, 2010

Five Security Predictions for 2011

Websense Security Labs Research Shows Upsurge of Attacks Aimed at Facebook, iPads, and Smartphones

SAN DIEGO – (NASDAQ: WBSN) – December 16, 2010 –

If you thought 2010 was challenging, just wait for 2011. Below are our top five 2011 security predictions for the coming year:

Prediction #1: The Stuxnet sequels are coming, stay tuned for “When State-sponsored Malware Attacks!”

  • Stuxnet targeted critical industrial infrastructure, but it was only a preview. Based on how long it takes to develop complicated attacks like Stuxnet, we predict similar exploits will be carried out once or twice in 2011. These state-sponsored offenses will test national infrastructure systems to determine what is effective for future attacks.

Prediction #2: Only the strong survive blended threats. Companies will struggle to stay secure while covering more ground.

  • Blended threats like Zeus and SpyEye will continue to evolve and use a variety of delivery methods. Today’s threats are no longer binary files delivered in attachments; they are script-based or are embedded within rich media. Many spread rapidly through social media.
  • Strained IT departments will need to defend more territory and allow more access, despite these increasingly sophisticated threats.

Prediction #3: Status update: More corporate data breaches will occur over social media channels.

  • Search poisoning won’t be limited to Google, it will migrate to Facebook. Hackers will manipulate Facebook search algorithms to trick users into visiting fake brand and celebrity pages and increase exposure to malware.
  • Employees will post confidential corporate data to public pages.
  • Social media users will also be vulnerable to spam and malicious data-stealing content.

Prediction #4: You down with DLP? Malware exploit kits will add zero-day vulnerabilities faster, increasing their use in drive-by download attacks.

  • As more targeted attacks are researched, more zero-day vulnerabilities will be discovered.
  • Data loss prevention and up-to-the-minute threat protection will become increasingly more important as organizations work to keep malicious content out and corporate information in.

Prediction #5: Is there an app for that? The iPad, iPhone and other smartphones will be prime targets for cybercriminals.

  • Mobile devices are a gold mine of personal and confidential data. Cybercriminals will successfully use mobile drive-by download attacks to steal confidential data and expose users to malicious content.
  • Many of next year’s mobile attacks will exploit the mobile Web browsers in the iPhone, iPad and Android-based devices. Rogue applications will also increase in number and sophistication.

These predictions are based on Websense® Security Labs™ research. The team examined the reputation and behavioral analysis of Websense ThreatSeeker™ Network intelligence, which uses more than 50 million real-time data collecting systems to analyze one billion pieces of content daily. Together with the Websense Advanced Classification Engine (ACE), the ThreatSeeker Network provides Websense with unparalleled visibility into the state of content on the Internet and in email.


“2011 will bring a series of dangerous threats that strip corporate data and immobilize infrastructure,” said Patrik Runald, senior manager of Security Research, Websense. “Most traditional security methods don’t work. Companies and governance need to constantly evaluate those defenses. Up-to-the-minute threat protection that unifies content intelligence is an organization’s best defense against Web attacks, messaging breaches and data loss.”

Multimedia Elements:

Click to share “Five Security Predictions for 2011”on Facebook.

Click to share on Twitter: 5 Security Predictions for 2011 @WebsenseLabs

View Websense Security Labs Threat Report for 2010

Keep up to date on the latest threats by visiting the Websense Security Labs Blog:

Read more about these predictions on the Websense Insights blog.

Click to view a behind-the-scenes video featuring Websense Labs top security researchers explaining ACE. It’s Websense’s unique and proprietary real-time content classification tool, which protects customers against the most complex known and unknown Web threats and data leakage.

Websense Links:

Facebook: “Like” Websense.

Twitter: Follow @Websense.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.