2011 was rife with both challenges and wins not only for Trend Micro but also for the rest of the security industry and our fellow cybercrimefighters in law enforcement. True to one of our predictions, 2011 has been dubbed the “Year of Data Breaches,” as we witnessed organizations worldwide succumb to targeted breach attacks and lose what we have come to know as the new digital currency—data.
As we prepare for the year ahead, let us take a look at some of the Trend Micro 2011 predictions that came true and how we contributed to the security industry’s wins against the continuing war against cybercrime.
|What we foresaw…||What came to pass…|
|We will see more targeted attacks and cyber espionage.||As we predicted, several organizations the world over succumbed to targeted attacks that cost them dearly. RSA and Sony PlayStation—two of the biggest APT targets in 2011—lost millions of customer data and had to spend huge sums of money just to fix the damage done.|
|We will see more mobile device attacks.||The huge growth in the Android malware volume spurred the maturity of the mobile threat landscape. Led by RuFraud and DroidDreamLight variants—two of the most prominent families in 2011—Trojanized and other kinds of malicious Android apps littered not only third-party app stores but the Android Market as well.|
|We will see more clever malware campaigning.||Cybercriminals more earnestly spammed and scammed social networkers worldwide with even more attention-grabbing social engineering lures and more innovative tools. Thousands of social media users fell prey to all sorts of scams that ultimately cost their privacy and, at times, even their identities.|
|We will see the use of vulnerabilities and exploits evolve.||Despite the decline in the number of reported exploited vulnerabilities, cybercriminals continued to launch a slew of exploit attacks in 2011. Three of the most exploited vulnerabilities—CVE-2011-3402, CVE-2011-3544, and CVE-2011-3414—unsurprisingly targeted products of three of top 5 vendor exploit targets—Microsoft, Oracle, and Adobe.|
|We will see old malware reinfections and consolidation in the cybercriminal underground.||Though now considered part of the threat landscape’s white noise, traditional threats continued to wreak havoc among users. All acting as means to an end—data, financial, and/or identity theft—traditional threats came armed with new and better tools and lures to infect unwitting users’ systems and other devices.|
Though we didn’t foresee hacktivism coming to the fore in 2011, we witnessed a slew of mass compromises result from AntiSec and LulzSec attacks against various entities. Armed with politically charged agendas and disgruntled with varying issues, hacktivist groups continued to fling attacks at users.
2011, however, wasn’t all bad, as we also garnered some wins in our never-ending battle against cybercrime. In close collaboration with our industry partners and law enforcement authorities, Trend Micro was at the forefront in what has been dubbed the “Biggest Cybercriminal Ring Takedown”—Operation Ghost Click—to date. As individuals and organizations alike embark on the cloud journey, we at Trend Micro, along with our fellow cybercrimefighters in law enforcement and the security industry, will continue to serve our customers by providing data protection from, in, and for the cloud.
For more details on what 2011 was like, take a look at the 2011 security roundup report, A Look Back at 2011: Information Is Currency.