Security Threat Report 2012 - Hacktivism, Cybercriminals and Malware

Foreword by Gerhard Eschelbeck, CTO, Sophos

Over the past year we in the IT security industry have seen a growing awareness of the work we do.

In 2011, a number of highly visible cyberattacks made news headlines around the world, but the underlying problem affects us all. It seems that the cybercriminals are getting bolder in their attacks as the availability of commercial tools makes mass generation of new malicious code campaigns and exploits easier. The net result has been significant growth in volume of malware and infections.

And for 2012, I anticipate growing sophistication in web-borne attacks, even broader use of mobile and smart devices, and rapid adoption of cloud computing bringing new security challenges.

The web will undoubtedly continue to be the most prominent vector of attack. Cybercriminals tend to focus where the weak spots are and use a technique until it becomes far less effective. We saw this with spam email, which is still present but less popular with cybercriminals as people deploy highly effective gateways. The web remains the dominant source of distribution for malware —in particular malware using social engineering, or targeting the browser and associated applications with exploits. Social media platforms and similar web applications have become hugely popular with the bad guys, a trend that is only set to continue.

Click above image to read
full the report

The rapid inflow of consumer-owned smartphones and tablets is causing significant security challenges for many organizations. IT departments are being asked to connect devices to corporate networks and secure data on these devices, which they have very little control over. Due to the high degree of mobility, security requirements are plentiful, including enforcement of use policies, corporate data encryption, access to corporate networks, productivity/content filtering, and of course malware protection. The unique nature of modern form factors (in terms of processing power, memory, battery life) requires rethinking of security and defense mechanisms.

Cloud computing is one of the most significant revolutions in delivering software applications to users, and can significantly improve the effectiveness and manageability of security solutions—web security, data protection, or even endpoint and mobile security managed via the cloud are great examples. The service model takes the burden of managing applications away from the user, but introduces new issues of security and privacy for data at rest and in transit.

Protecting data in a world where systems are changing rapidly and information flows freely introduces a whole new set of people, process and technology challenges, reinforced by enhanced scrutiny by compliance and regulatory bodies. As we all radically reform the way we communicate and share data, we can expect cybercriminals to hook themselves into these systems to tout their nasty malicious code.

With this edition of the Sophos Security Threat Report, we want to share our latest research on hacktivism, online threats, mobile malware, cloud computing, and social network security. And we offer a look ahead to the coming year.

Best wishes,

Gerhard Eschelbeck

CTO, Sophos