November 15, 2011

Websense 2011 predictions score A-, 2012 predictions coming soon…

Patrik Runald

About a year ago we predicted what the biggest security risks would be in 2011 and as we're coming up towards the end of the year we wanted to see how accurate these predictions were. We have rated our 2011 predictions on a scale of A-F. Here we go!

1. The Stuxnet sequels are coming

While there wasn’t a Stuxnet sequel in 2011, there was the Stuxnet prequel in Duqu, which was perhaps written by the same group as Stuxnet. So while we weren't entirely correct we weren't too far off either. We’ll see if in 2012 we hear about more predecessors and new models built on the success of Stuxnet. Score: B

2. More blended threats and companies will struggle to stay secure while covering more ground

There were definitely more targeted attacks against organizations in 2011 than ever before. RSA, ShadyRat, NightDragon, Nitro and the list of attacks goes on and on. Score: A

3. More corporate breaches will occur over social media channels

Not too many corporate breaches happened over Facebook, Twitter or other social networks during 2011. There were a number of compromises that led to Facebook, Twitter and YouTube accounts being compromised and hacked to display unwanted content, but they weren't used to compromise any internal data. There was definitely a big increase in the number of attacks that used social networks to spread. Every day we track several attacks on Facebook. And while we hear of small-scale data loss through social networks every day (recent survey results suggested that more than 20 percent of companies had confidential material posted to the social web), we are going to give this prediction a score of B-.

4. You down with DLP? Malware exploit kits will add zero-day vulnerabilities faster, increasing their use in drive-by download attacks.

I think this is a definitive yes, as the big giant breaches continued at a record pace in 2011. A number of them used zero-day vulnerabilities to both steal critical IP, corporate and government secrets, and leak to third-party outlets. More surprising, however, was that a number of these didn’t stem from the dreaded “APT” word. Most were socially engineered attacks and were crafted to infect companies with Remote Access Tools (RATs), which have been around for years. As a result I’m seeing more and more people getting serious about DLP projects now. In fact, more than 20 percent of 1,000 IT pros we surveyed said they were going to begin or accelerate a DLP project due to the chaos of 2011. Score: A

5. Is there an app for that? The iPad, iPhone and other smartphones will be prime targets for cybercriminals.

Over the last year, we have seen a drive-by download for jailbreaking iOS software and a number of exploits. Apple may be on to something by requiring developer application review and application sandboxing. While iOS drive-bys have been few and far between, mobile malware and Android attacks in particular are becoming increasingly prevalent. This doesn’t mean we won’t see it this year. So if we go by the title of the prediction alone, we did see a mobile drive-by for iOS, so I’ll give it a C. If we include all the bots, Trojans and malware created for the Android system, I’m going to increase this score to an A.


So there you have it. If we were giving a grade point average, we are at a B+ or an A-. Not too bad…


Stay tuned: very soon the Websense Security Labs team will release our top predictions for 2012. Wait till you see what we come up with this year.
