" Assange "

Cyber-activism and Cyber-warfare major IT Security Topics in 2011

  • WikiLeaks is ‘unstoppable’
  • Cyber-activism on the increase, but cyber-war is an ‘exaggerated term’

Global IT vendor Panda Security reports that cyber-activism and cyber-warfare will continue to be major topics in IT security this year.

The 3rd Security Blogger Summit, recently hosted by Panda in Madrid, focused on cyber-activism and cyber-war as well as on the new dangers posed to users and institutions on the Internet. The roundtable discussion highlighted the most recent examples of these emerging trends, international cooperation and the limits of these activities on the Web. The discussion also centered on the new trends for 2011 and the legal framework against this type of Web activity.

Opinions about cyber-activism and WikiLeaks proved relatively united, with most of the participants agreeing that it is an unstoppable phenomenon. “There is no way to stop a phenomenon like WikiLeaks”, said Enrique Dans, panel member. “In the future anybody will be able to disclose relevant information from a website, as contaminated as this might be.”

Bob McMillan, a San Francisco-based computer security journalist, explained that, in his opinion, “WikiLeaks is as important as The New York Times. It has helped those who wanted to expose sensible information, and to think of changing the legislation in the wake of a denial of service attack like those in the operation ‘Avenge Assange’ is very difficult”. Operation ‘Avenge Assange’ was initiated by the Anonymous group and Operation Payback, targeting firstly organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks.

Cyber-activism was discussed as a growing occurrence. Participants agreed that the technical evolution means people are able to replace meetings and gatherings with internet-based tools. Furthermore, the global situation that the technical evolution has created means that cyber-activism is possible on an international scale, with it becoming more and more unnecessary to gather large numbers of people in order to attract attention. IT researcher Rubén Santamarta indicated that, “Cyber-activism was born from the global situation we live in. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns.”

Despite hasty attempts in many countries to pass legislation to counter this type of activity, effectively by criminalizing it, Panda believes that in 2011 there will be yet more cyber-protests, organized by this group or others that will begin to emerge.

Cyber-war: Reality versus sensationalism

The Summit participants also discussed some of the most relevant examples of cyber-war, such as the alleged attacks targeting Iran’s nuclear plants using the Stuxnet Trojan, as well as Operation Aurora, concerning attacks on Google from China in order to steal secret corporate information.

Panel members Elinor Mills and Bob McMillan agreed that the term ‘cyber-war’ was ‘too exaggerated’ for the actual events taking place. “We still do not know the real dimensions of cyber-war and it is easy to confuse it with espionage or even cyber-crime”, explained Elinor Mills. Bob McMillan added that, “Even though Stuxnet has been used as a cyber-weapon, it does not mean that we are already knee deep in a cyber-war. If there really was a cyber-war, it would be on a global scale, as with the two Great Wars of the 20th century.”

However, others insisted on the idea that the cyber-war phenomenon is in its early stages and will probably become a reality in 10 years’ time. “We are talking about a war without an army. It is a fourth-generation war where it is possible to damage a country without having to invade it with soldiers”, says Santamarta. “A country can have another one under control through the Internet even before they have declared war on each other”, he concludes.

While the debate over cyber-war and its effects continues, Panda believes that these kinds of web attacks will increase in 2011, with many of them remaining unnoticed by the general public.

More information about the 3rd Security Blogger Summit is available at www.securitybloggersummit.com.

For more information about Panda, visit http://www.pandasecurity.com/.


Top 10 Internet Security Threats and Trends for 2011

  • “Hacktivism” and cyber war: making the headlines in 2011
  • The growth rate of new malware is set to slow down
  • Social engineering and the use of social media to spread encrypted malware
  • More malware for Mac and for 64-bit systems, as well as zero-day exploits

Global IT vendor Panda Security has forecast that there will be few radical innovations in cyber-crime during 2011. “Hacktivism” and cyber-war, more profit-oriented malware, social media, social engineering and malicious code with the ability to adapt to avoid detection will be the main protagonists in 2011. There will also be an increase in the threats to Mac users, new efforts to attack 64-bit systems and new zero-day exploits.

Luis Corrons, Technical Director of PandaLabs, explains: “Once again we have dusted off the crystal ball and this is a summary of what we reckon will be the ten major security trends during 2011”:

  1. Malware creation. Panda has seen a significant growth in the amount of malware in 2010, a constant theme over the last few years. This year, more than 20 million new strains have been created, more than in 2009. At present, Panda’s Collective Intelligence database stores a total of over 60 million classified threats. The actual year-on-year rate of growth, however, appears to have peaked: some years ago it was over 100%. In 2010 it was 50%. We will have to wait and see what happens in 2011.
  2. Cyber war. Stuxnet and the WikiLeaks cables suggesting the involvement of the Chinese government in the cyber-attacks on Google and other targets have marked a turning point in the history of these conflicts. In cyber-wars, as with other real-world conflicts today, there are no ranks of uniformed troops making it easy to distinguish between one side and another. This is like guerrilla warfare, where it is impossible to discern who is launching the attack or from where. The only thing it is possible to ascertain is the objective. Attacks such as these, albeit more or less sophisticated, are still ongoing, and will no doubt increase during 2011, although many of them will go unnoticed by the general public.
  3. Cyber-protests. Undoubtedly the major new issue in 2010. Cyber-protests, or hacktivism, are all the rage. This new movement was initiated by the Anonymous group and Operation Payback, targeting firstly organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns. Despite hasty attempts in many countries to pass legislation to counter this type of activity, effectively by criminalizing it, we believe that in 2011 there will be yet more cyber-protests, organized by this group or others that will begin to emerge.
  4. Social engineering. Panda has seen the continued use of social engineering to infect unwary users. In particular, cyber-criminals have found social media sites to be their perfect working environment, as users are even more trusting than with other types of tools, such as email. Throughout 2010 Panda has witnessed various attacks that have used the two most popular social networks – Facebook and Twitter – as a launch pad. In 2011 we fully expect that not only will hackers continue to use these media, but that they will also be used more for distributed attacks. Moreover, BlackHat SEO attacks (indexing and positioning of fake websites in search engines) will also be widely employed throughout 2011, as always, taking advantage of hot topics to reach as many users as possible.
  5. Windows 7 influencing malware development. As we mentioned last year, it will take at least two years before we start to see the proliferation of threats designed specifically for Windows 7. In 2010 we have begun to see a shift in this direction, and we imagine that in 2011 we will continue to see new cases of malware targeting users of this new operating system.
  6. Cell phones. The eternal question: When will malware for cell phones really take off? It would seem that in 2011 there will be new attacks, but still not on a massive scale. Most of the existing threats target devices with Symbian, an operating system which is now on the wane. Of the emerging systems, Panda predicts that the number of threats for Android will increase considerably throughout the year, becoming the number one target for cyber-crooks.
  7. Tablets? The overwhelming dominance of iPad in this terrain will start to be challenged by new competitors entering the market. Nevertheless, save the odd proof-of-concept or experimental attack, we don’t believe that tablet PCs will become a major consideration for the criminal fraternity in 2007.
  8. Mac. Malware for Mac exists, and will continue to exist. And as the market share continues to grow, so the number of threats will grow accordingly. The biggest concern is the number of security holes affecting the Apple operating system. Let’s hope they get ‘patching’ as soon as possible, as hackers are well aware of the possibilities that such vulnerabilities offer for propagating malware.
  9. HTML5. HTML5, which could come to replace Flash, is the perfect target for many types of criminals. The fact that it can be run by browsers without any plug-ins makes it even more attractive to find a security hole that can be exploited to attack users regardless of which browser they use. We will see the first attacks in the coming months.
  10. Highly dynamic and encrypted threats. This is something we have already seen over the last two years, and we fully expect this to increase in 2011. There is nothing new about profit-motivated malware, the use of social engineering or silent threats designed to operate without victims realizing. Yet in our anti-malware laboratory we are receiving more and more encrypted, stealth threats designed to connect to a server and update themselves before security companies can detect them. There are also more threats that target specific users, particularly companies, as information stolen from businesses will fetch a higher price on the black market.

“The overall picture is not improving”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “It is true that in 2010 we have seen several major arrests that have hit hard in the world of cyber-crime. Yet this is sadly insufficient when we consider the scale of what we are fighting against. Profits from this black market amount to thousands of millions of dollars, and many criminals operate with impunity thanks to the anonymity of the Internet and numerous legal loopholes”, he concludes.
