Q&A: The security trends of 2011

Today Imperva predicted ten key trends for security in 2011, with unsurprising issues such as increasing smartphone threats and the rise of cloud-based security featuring.

There were, however, some more intriguing suggestions, in particular that governments will increasingly use more messy techniques typically used by industrial hackers, while social networks like Facebook will genuinely improve their security.

We caught up with Imperva's chief technical officer (CTO), Amichai Shulman, to talk about what he believes is coming next year.

Where are governments heading with their hacking efforts?

We are not seeing it becoming a bigger thing than it was, but what we are seeing is that the techniques governments are employing are becoming more and more like the ones we are seeing coming from industrial hackers.

Up until two years ago, you had the industrialised hackers that were trying to use automation. They were unselectively attacking targets, trying to hit as many potential victims as possible, not really trying to hide themselves.

On the contrary we had government activity that was very focused, using very specialised tools and trying to conceal itself.

But what we have seen in the past year or so is governments are starting to use the automated distribution mechanisms developed by hackers to run their activities.

For example, take the Stuxnet incident. The payload was very specialised, it was aimed at SCADA systems and it apparently it was aimed at a very specific country.

At the same time the method that was used to distribute the malware was purely unselective, so they were trying to hit as many targets as possible, expecting that eventually one of them would be the actual target. That is a real shift in behaviour.

Some governments are using their own botnets or taking control of command and control centres from hacker botnets in order to use them for their own purposes.

Are there any signs of which governments have been heading in this direction?

I don't think there is a specific side employing these technologies. My guess is that every country that has sufficient resources and to some extent even countries that don't have sufficient resources would probably go and take this direction of employing available hacker tools and techniques in order to proceed with their activities.

It's kind of hiding in the crowd and it is clearly something that we are seeing.

The goals are varied. Of course, you have military espionage and political espionage, but also it is well known that governments are engaged in commercial espionage in order to break up economies.

Definitely the Chinese government are paying for scientists to take out intellectual property.

I don't expect the Chinese to be alone in this. I think probably the US is engaged in the same activities, and the UK and others.

Governments are really concerned about their own economies and they will do things that are borderline illegal in order to help their enterprises.