The threat landscape: the next trends in cyber security
- — 05 December, 2012 13:19
Cyber security remains one of the most dynamic fields within the technology industry. Because of the financial and political impact of cybercrime, attackers are continuously looking to innovate and outsmart security vendors and consulting companies. As a result, the IT community is perpetually engaged in a contest of strategy to combat new cyber threats. These are some of the top security threats we can expect to see developing over the next year, including top tips to combat these dangers.
1. Advanced custom malware
A new generation of malware is being used to discover and take advantage of previously unknown weaknesses in computer software. Recent cyber assaults against major organisations and security companies have demonstrated the ability of malware attacks to evade even the most sophisticated anti-virus programs. In the coming year we can expect more, with cyber criminals using innovation in malware to attack commercial targets.
Top tip: Whitelisting approved programs rather than simply blocking known malicious ones can provide another layer of defense against targeted attacks.
2. Cyber warfare will increase
Cyber warfare is on the rise. Over the last few years, we have seen several denial-of-service attacks cripple government websites and news media targets. The most serious cases of cyber warfare have targeted specific resources critical to certain governments. Cyber operations including Stuxnet, Flame and Gauss have all surprised internet security experts with their levels of sophistication. Expect to see more attacks as governments scramble to combat the power of cyber warfare.
Top tip: Organisations not associated with government nor sensitive contracts may not be targets for the moment, but attacks on critical national infrastructure (including oil and gas firms) are likely to increase. Organisations should ensure they have a robust business continuity strategy in place.
3. Post-PC devices will leak data
Cyber criminals are increasingly turning their attention to mobile platforms. According to security firm Kaspersky, the number of new malware programs targeting Google's Android operating system almost tripled to 15,000 in the second quarter of 2012. But malware isn't the only way to extract data from a smartphone or tablet device. Some applications are programed to send data to third parties without the user's knowledge (often in unencrypted, and therefore unsecure, form). Recently, for example, LinkedIn was forced to respond to claims its Apple iOS application collects full meeting notes and details from users’ calendars and sends them back to the company in unencrypted from.
Top tip: Use a mixture of mobile data management tools, mobile device policy and encrypted areas of device memory for corporate applications to help minimise the risk of compromise. All organisations should also enforce a policy for remote wiping for lost or stolen devices.
4. Social media will become more of a threat
As the prevalence of social media continues to grow, criminals will look for new ways to exploit and gain access to confidential information, known as “phishing”.
Top tip: Individuals should review and increase their existing security settings on social media. Companies should also implement a social media policy to ensure employees are not compromising company data security via their personal accounts. Vendors will need to ensure firewalls and intrusion prevention systems are extended to protect against social phishing.
5. Hacktivism will increase
The last year saw unprecedented level of activity from hacktivists – groups hacking computer networks as a means of protest to promote political ends. Groups such as Anonymous and Lulzsec have demonstrated the risk companies face of losing sensitive data, including customer names, addresses, and even credit card numbers. We can expect this activity increase as hacktivists gain more traction and as other groups begin engaging in copycat attacks.
Top tip: A layered, multi-pronged approach to security is crucial. In addition to protecting the corporate perimeter with proper firewall configuration, use intrusion prevention and robust endpoint protection to protect critical resources inside your organisation.
This article was updated 55 December 2012.