Attention! Virus attack on your system! This might sound old-fashioned to IT managers today. But what can be expected in the near future that might send a chill down the IT manager’s spine? Dataquest predicts the top 6 security threats for 2013!
1. Mobile Malware Growth Closes, APTs Target Individuals
Malware is being written today for both mobile devices and notebook/laptop PCs. Historically, however, the majority of development efforts have been directed at PCs simply for the fact that there are so many of them in circulation, and PCs have been around a much longer time. For perspective, FortiGuard Labs researchers currently monitor approximately 50,000 mobile malware samples, as opposed to the millions they are monitoring for the PC.
The researchers have already observed a significant increase in mobile malware volume and believe that this skewing is about to change even more dramatically starting next year.
APTs, also known as Advanced Persistent Threats, are defined by their ability to use sophisticated technology and multiple methods and vectors to reach specific targets and obtain sensitive or classified information. The most recent examples include Stuxnet, Flame and Gauss.
“In 2013 we predict we’ll see APTs targeted at the civilian population, which includes CEOs, celebrities and political figures. Verifying this prediction will be difficult, however, because after attackers get the information they’re looking for, they can quietly remove the malware from a target device before the victim realizes that an attack has even occurred,” said Derek Manky, senior security strategist, FortiGuard Labs.
2. IP Theft intrudes further
When it comes to IP (intellectual property) theft, the targeted nature of the attacks considerably changes how they are conceived and carried out. The fact that it is usually a different kind of threat agent, those looking for highly sensitive information to be used for a specific purpose, as opposed to those only looking for a quick cash-out, also changes the game.
“Our latest report states that finding and identifying the work of IP theft is highly difficult and specialized. Many of these breaches go undetected until long after the damage has been done, and it often takes quite a while to successfully contain the breach,” says Mark Goudie, managing principal for the RISK Team at Verizon Enterprise Solutions.
IP attacks often include collusion between insiders and outsiders. Regular employees accounted for the largest percentage (two-thirds) of insiders. Outsiders often acted directly and maliciously, but also regularly solicited and aided by insiders.
Most of the thefts are carried out by determined adversaries who target IP as a shortcut to attaining some manner of strategic, financial, technological or related advantage. With IP attacks, no single solution can guarantee protection. A common-sense, evidence-based approach is the best defense.
3. Cross Platform Botnets
In 2012, FortiGuard Labs analyzed mobile botnets such as Zitmo and found they have many of the same features and functionality as traditional PC botnets. In 2013, the team predicts that, thanks to this feature parity between platforms, we will see new forms of Distributed Denial of Service (DDoS) attacks that leverage both PC and mobile devices simultaneously.
For example, an infected mobile device and PC will share the same command and control (C&C) server and attack protocol, and act on command at the same time, thus enhancing a botnet empire. What would once be two separate botnets running on the PC and a mobile operating system such as Android will now become one monolithic botnet operating over multiple types of endpoints.
4. Growing Privacy Concerns
In the coming year, IT professionals will have to manage not just threats of data leakage and identity theft, but also growing consumer and employee concerns about data privacy.
Niraj Kapasi, IT auditor and chair of ISACA’s India Task Force, says, “Enterprises in India should be conscious that data protection goes beyond securing servers at data centers or office premises. With the growing number of cyberthreats globally, information risk can come from existing employees, customers, industrial surveillance by competitors, hackers, organized crime and even foreign governments.”
Also, the password-only security model is dead. Easily downloadable tools today can crack a simple four or five character password in only a few minutes. Using new cloud-based password cracking tools, attackers can attempt 300 mn different passwords in only 20 minutes at a cost of less than US$20. Criminals can now easily compromise even a strong alphanumeric password with special characters during a typical lunch hour.
Fortinet Labs predict an increase next year in businesses implementing some form of two-factor authentication for their employees and customers. This will consist of a Web-based login that will require a user password along with a secondary password that will arrive either through a user’s mobile device or a standalone security token. While it’s true that the botnet Zitmo recently cracked two-factor authentication on Android devices and RSA’s SecurID security token (hacked in 2011), this type of one-two punch is still the most effective method for securing online activities.
5. Cyberwar: Nearing its Peak!
Viruses that send unsolicited emails and attack web sites, as well as search engine poisoning, where unwitting users are misdirected toward questionable or fraudulent sites, are among the increasingly sophisticated tactics used to capture and exploit consumer data and pose threats to international supply chains.
Avinash Kadam, ISACA India Task Force Member, says, “With the growing number of cyberthreats, it is critical for enterprises to safeguard their information assets. Addressing cyber issues should be considered beyond defining internet policies. It is equally important for enterprises to educate their employees on information risks, as it is not just an IT issue, but also a business issue.”
6. Healthcare, BFSI, Govt at utmost risk!
According to the Verizon 2011 and 2012 Data Breach Investigation Report findings, some types of organizations, such as Hospitality, Retail and Financial Services, seem more prone to data breaches than others. The commonality among many of the victim organisations is that they have insecure remote support from vendors. This insecure remote connection is compromised by industrial-scale organized crime gangs that operate across international boundaries.
Web application exploits are most likely to affect larger organizations, and especially governments, rather than small to medium-sized businesses. The chances of such attacks occurring are three in four, according to the data compiled by the RISK Team. “Given these odds, organizations that choose to take their chances and ignore secure application development and assessment practices in 2013 are asking for trouble,” said Baker, Verizon.