To get the most out of your company’s information security budget, you need to know where the danger is. These are the biggest threats your IT department should be ready for in 2011.
- More mobile malware – As the number of mobile devices in use increases, so does the number of viruses and other security attacks criminal will use to hack those devices. The prevalence of mobile security threats increases every year, and this year will be no different, especially considering the likely growth of the tablet market.
- Misuse of URL shortening services – Social media sites like Twitter have made URL shorteners such as bit.ly commonplace. Hackers have already found ways to use that to their advantage by disguising their malicious links, but experts predict hackers will get more sophisticated, possibly by taking over entire services to redirect their URLs.
- Attacks on router vulnerabilities – As companies beef up security on computers and servers, hackers look to other areas to attack and gain access to a business’s network. One of those areas that would lead to big dividends for criminals: routers. Networking equipment and its firmware are rarely updated, so hackers have a big window to find and exploit vulnerabilities.
- Struggling AV software – Millions of new strains of malware appear every year, and some experts say antivirus vendors are having a hard time keeping up. According to one study, just 19% of malware is detected by AV apps the first day it appears, and even after 30 days, detection rates only increase to 61%.
- Social engineering — As security tools have become stronger, hackers have turned more to a different way of getting information they want – tricking people into turning it over. Especially as more folks use Facebook and other social networking sites that seem tailor-made for fraud, social engineering attacks will more frequently be used as a way around security controls.