Report: Critical Infrastructure Prime Targets For Cyber Criminals In 2009

The year 2008 was a time security threats and malicious activity reached a tipping point, and 2009 stands to be the year critical infrastructure systems become prime targets for cyber criminals and the global financial crisis will be exploited for a variety of malicious activities, according to a new report recently released from VeriSign’s iDefense Security Intelligence Services.

The report, "2009 Cyber Threats and Trends" seeks to aid education efforts about cyber security threats facing networks, enterprises and end-users by highlighting important trends that emerged in 2008, and attempts to predict security trends and disruptors that may develop in 2009 with lasting consequences for businesses in the coming decade.

Over the course of the past year, cyber crimes continued to increase in both frequency and severity thanks to new exploits and organizations to perpetrate them. Cyber Cartels, groups of young and modern cyber criminals likened by VeriSign iDefense to drug cartels of the 1980s, targeted commercial -- not individual -- banking accounts for fraud operations and security measures meant to protect those accounts and routinely defeated the protections.

Additionally, cyber warfare has become a reality in today's political climate, and several regions are seeing a rise in politically and financially motivated activities. According to VeriSign iDefense, Russian hackers are the most effective group when it comes to cyber fraud, while Chinese hackers utilize amateur hacking groups for low-level espionage operations.

"The cyber security landscape has fundamentally changed where 'script kiddies' no longer perpetrate the lion's share of malicious activity online," said Jason Greenwood, vice president and general manager, VeriSign iDefense Security Intelligence Services. "Professionalized cyber criminals, the rise of cyber cartels or extremists using online fraud as a means to fund their operations, and cyber espionage and warfare show how we have entered a new era of online security threats."

2009 Predictions and Long-Term Disruptors include:

  • Critical Infrastructure, notably the Supervisory Control and Data Acquisition systems (SCADA) that operate them, will likely see increased attacks in 2009. SCADA systems are used to deliver such services as electrical power transmission, oil and gas pipelines, large communications systems, and water treatment and distribution.
  • The current global financial crisis will provide unprecedented opportunities for cyber criminals or spies to exploit the turmoil caused by the crisis and the resulting institutional mergers, acquisitions and collapses.
  • The FastFlux infrastructure, which uses computers compromised by botnets to maintain dispersed and untainted IP space for criminal ventures such as phishing, will likely see increased use. This will make current phishing takedown measures less effective and will require security professionals and institutions, which are often the targets of phishing attacks, to come up with new defense measures.
  • Cyber Warfare has gone from a purely theoretical tool to a technically practical, common component of most political arguments. VeriSign iDefense believes organizations or groups aligned with Russia will perpetrate the majority of these attacks.
  • Middle Eastern cyber cartels will likely increase online fraud operations to support their agendas.

"Though we have outlined a number of trends we expect to see in 2009, we also believe other disruptors will begin in the coming year and will pose hardships for security professionals in the years to come," said Rick Howard, intelligence director of VeriSign iDefense Security Intelligence Services. "The increased use of mobile phone platforms, virtual worlds, and the interconnection of devices with the implementation of IPv6 will provide new attack vectors that must be considered now, before they take hold."

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3