As the Midwest and East Coast swelter in the heat (and some of us are not complaining!), January and its blizzards and freezing temperatures seem a lifetime ago. Way back then, security companies were making their predictions for 2011 - what are going to be biggest threats, what past threats will fade to the background and how will cloud security fit in, etc.
So now, just a tad after the year's halfway point, were any of their predictions on target?
At the end of 2011, Derek Manky Fortinet posted this to his blog:
We're predicting increased global collaboration on cybercrime syndicate crackdowns; a price increase for tomorrow's crime services; an increase in 64-bit attacks; increased job demand for developers, CAPTCHA breakers, QA and distributors; and more cyber criminals will enter the game by attempting to use recycled source code.
The folks at Fortinet's FortiGuard Labs followed up with me last week to let me know what's happening with their predictions. Manky was fairly spot on with a couple of the predictions, especially predicting the leap to 64-bit infections and the increase in global collaborative takedowns.
From where I sit, one of the biggest security stories of the year has been the attacks from hacking groups and their rise to front-page headline news stories.
FortiGuard touched on these incidents. For example, while the prediction was an increase in turf wars and price inflation for crime services, FortiGuard told me:
There has not been a significant inflation in crime service pricing, however there has been some new evidence of turf wars. Recently the TDL4 rootkit has been observed to hunt and block botnets on machines it infects to ensure it is the only functional botnet on the victim machine. Since TDL4 is a rootkit, it could go further and begin to actively clean systems of the competition. In terms of cyber wars, there have been retaliatory attacks against hackers: look no further than the ousting of alleged LulzSec leader Sabu and affiliates. Indeed, there is no honor among thieves, and it is likely only a matter of time before we see efforts to dismantle botnets and infrastructure of competitive criminal gangs.
And the increase in crime recruitment? Again from FortiGuard:
Advertisements continue to flow into underground hacking forums looking to pick up talented developers to help their malicious efforts. For example, advertisements have been seen for crypter developers (code packers to thwart antivirus detection) which offer salaries of up to $2,000 a month. The advertisements, which require a resume submission, even offer bonus reward programs on top of the base salary. While not all organizations may hire like this, there does seem to be a recruiting trend for criminal business, hacking services and hacktivists.
What do you think the second half of 2011 will bring? Will it follow along with what Commtouch reported for the second quarter? Those findings include: