2012: What Have We Learned

The biggest shift in 2012 was the emergence of state-sponsored malware and targeted attacks as major factors. The idea of governments developing and deploying highly sophisticated malware is far from new. Such attacks have been going on for years, but they’ve mainly stayed out of the limelight. Security researchers and intelligence analysts have seen many of these attacks, targeting both enterprises and government agencies, but they were almost never discussed openly and were not something that showed up on the front page of a national newspaper.

A good read by Dennis Fisher, but I have a slightly different take.

State-level cyberattacks definitely “broke out” in 2012, but I think a bigger lesson is that pretty much every organization finally realized that signature-based AV isn’t very helpful. Some of this is related to what China has been up to, but not all of it.

Over the past year I couldn’t talk to any large organization, or many medium, that isn’t struggling with malware. I couldn’t say that on December 31, 2011.