Cyber threats makes it to number 4 on the Global WEF Agenda

A recent report released by the World Economic Forum (WEF) focused on the Global Agenda for 2014 and the top 10 trends facing the world. As one might expect, topping the list were globally pertinent and vital topics like; growing societal tensions in the Middle East and North Africa; income disparity around the world; and ongoing unemployment.

However in fourth place was “intensifying cyber threats”, which was considered a more significant issue than climate change and diminishing confidence in economic policies.

This is a truly insightful conclusion - such a global focused, facts-based organisation marking cyber threats at such a high threat level - shows how rapidly technological threats have evolved.

It’s not that long ago that ‘being online’, whether as an organisation or as an individual, meant merely having your own server – relatively secure and simple to fireproof - against typical cyber-attacks and threats.

The evolution of IT into cloud computing, machine to machine (M2M) communications and the Internet of Things (IoT), presents a whole new generation of dangers – ones against which most industries, companies and end-users are not safe.

The cloud of course means more devices and machines than ever are connected through the same network, making it an even bigger target for cyber terrorists. Get one denial-of-service (DoS) attack through successfully and it can grow exponentially through the cloud to other domains, taking many other websites with it.

Similarly the IoT has presented cyber attackers with a particularly attractive playground – the network infrastructure and technological capabilities are really transforming at a rate that is too fast for cybersecurity to keep pace.

Many IoT machines and devices remain quite unsecured, with communications between them being unencrypted. This is clearly a major worry when so much private, personal and sensitive data is communicated via the internet.

Changing habits, changing threats

The nature of how we use IT has also helped form the evolution in cyber security threats. We love all the benefits that come with our increasingly mobile-powered lives; more flexible work practices, greater productivity, increased control and choice over our consumer habits, but we do need to be aware that these changes carry new threats too.

Through 2014 and beyond, it is highly likely that we will see cyber threats piggyback this trend to make attacks more personal. Where previously generic data was the target for cyber-attacks, they may now shift to specific, individual information. These attacks will target mobile operating systems, since thanks too trends like BYOD, mobile devices now very often carry both personal and corporate data on them.

In 2013 there was 1000 per cent growth in malicious Android apps, demonstrating the shift in focus by cyber attackers. Factor in SMS floods, development of malicious apps and even fraudulent developer credentials appearing in app marketplaces and it becomes clear that mobile is a fertile hunting ground for the modern cyber criminal.

The growth in social media use presents another big target too. Social is a true modern-day technology success story, enabling people to keep in touch and share experiences in whole new ways, no matter where they are.

That ubiquity however does present new territory for cyber threats, with social attacks likely to increase massively in the near future. Social media utilises personal data, passwords, contacts, location-based activities and more – all of which is highly attractive bait to cyber criminals. So it is perhaps no surprise that earlier this year even President Obama was banned from using his smartphone due to security concerns.

Another modern day advancement that carries its own new threats is online currencies. Ransomware has been developed and targets currencies like Bitcoin, while online currencies also offer cyber criminals the opportunity for money laundering. Currency exchanges are also potential areas of attack. Traditional threats of course remain too – 2013 saw the biggest cyber fraud case in history, as 160 million credit cards were compromised in the US, to the tune of $300 million.

In short, new technologies and the growth of the cloud and increased mobility mean more targets for cybercriminals. Gartner suggests that by 2020 governments and enterprises will leave a massive 75 per cent of sensitive data unprotected – so organisations are going to need to think long and carefully about the security policies they implement to mitigate this threat and tighten up cybersecurity as much as possible.

Malware hasn’t gone away

Another threat which is not gone but merely evolving is malware. Previously the preserve of desktops and the enterprise environment, malware has transformed to take its dangers to the mobile landscape as well. Malware has adapted to target mobile authentication processes via fake SMS confirmations and other means. Android malware is also on the rapid rise.

This year will also likely see malware architects continue with covert command-and-control (CnC) attacks on networks. Encryption techniques go on getting smarter and stealthier and malware is now smarter than ever in evading traditional network defences.

Time to evolve thinking

The changing nature of technology in the mobile era – with disruptive solutions being developed all the time – means that the CSO has to always think one step ahead. As the WEF report indicates, cyber threats will continue to grow and evolve throughout 2014, with the only predictable thing about them being their unpredictability.

Traditional perimeter-based security solutions are today less effective than usual because of disruptors like cloud, mobile and social. M2M, the IoT, wearable technology in the workplace and more will continue to render the perimeter security model less powerful and the financial imperative of modern cyber threats is clear. Some estimates forecast that failure to implement sufficient cyber security solutions and capabilities quickly enough could mean a $3 trillion hit to the world economy by 2020.

Fourth on the Global WEF Agenda - cyber threats

Cyber threats is number 4 on the World Economic Forum of top 10 trends, so it is time to plan ahead and be proactive about new security threats. Allocate sufficient resources and people to head off cyber threats before they attack and organisations can still win the battle and the war.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags cybersecuritycyber security

More about CSOEnex TestLabGartner

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gordon Makryllos

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place