Kaspersky Lab: 2010 ‘Year of Vulnerability’, 2011 ‘Era of Steal Everything’

Speaking at IDC CIO summit held in Dubai today, David Emm, Senior Regional Researcher, UK, Global Research & Analysis Team, the delegate of Kaspersky Lab, a leading developer of secure content management solutions, stated during his presentation that targeted attacks developed during 2010, culminating in the revolutionary Stuxnet worm, and 2011 is expected to bring more of the same.

2010 saw malicious programs reach a whole new level of functionality, which is likely to bring about a major change in the types of criminals orchestrating cyber attacks as well as their aims and the methods they use. However, in 2011 a significant sea-change is expected, with a major shift in the make up of the organizers and their aim. These changes will be on a par with the demise of malware written by the so-called ‘script kiddies’, whose aim was primarily to show off their virus writing skills, and whose efforts heralded the age of the cybercriminal.

“Now we are faced with widespread use of a new class of spyware programs, simply aiming at ‘stealing everything’. Cybercriminals will gather any information they can about users, and examine every document stored on infected computers. Industrial and state espionage will become more pervasive, with less emphasis on precision attacks. Nevertheless, cybercriminals will target a much broader range of organizations, no longer concentrating solely on online banks and electronic payment systems”, said David Emm

“The principal aim of many new virus writers and their clients will be the acquisition of someone or something’s complete profile, rather than making a quick buck by stealing credit card details or distributing spam”, continued David.

Potential changes to the structure of the malware authoring community are also likely to have a profound impact on the IT threat landscape during 2011. The emergence in 2010 of the technologically sophisticated Stuxnet worm that attacked industrial-class programmable logic controllers, was a demonstration in what attackers’ arsenals contain, as well as a wake-up call to the IT security industry.

In terms of the overall threat landscape, according to Kaspersky Lab’s Q3 report Saudi Arabia is still among the top 10 countries where users are most often targeted by attempted infections distributed via the Internet. And the types of malware affecting computers in the Gulf Region, according to Kaspersky Lab experts is in line with what Kaspersky Lab sees worldwide.