Imperva predicts more Stuxnet-type attacks


November 16, 2010

Imperva expects Nation-sponsored attacks like the Stuxnet worm to become a key threat in 2011, with malware threats increasing during the year.

Techniques from the commercial hacker industry are expected to be developed to create more powerful Advanced Persistent Threats, according to Imperva’s top security trend predictions. This means organisations will have to monitor traffic and set security controls across all levels.

Stuxnet, which is designed to attack command modules for industrial equipment designed by Siemens, has been described as a ‘cyber missile’, and new research has now shown that it was designed to target the kind of equipment used in uranium enrichment. This gives added weight to the theory that it was designed to sabotage Iran’ suspected nuclear arms program.

Another key threat identified by Imperva as being on the rise is man-in-the-browser, which infects a web browser and can modify pages and transactions while remaining undetected by either the user or the host application.

Combating this type of sophisticated attack will require online service providers to deploy protection such as strong device identification, client profiling, session flow tracking and site-to-client authentication.

Insider attacks are also expected to increase next year and Imperva recommends ensuring that access to sensitive information is given only on a need-to-know basis and no unnecessary privileges being awarded.

On a more positive note Imperva predicts that application and data security products for cloud computing will increase.






 

Post a comment

Your email address will not be published. Required fields are marked *

Visited 6512 times, 3 so far today