Security professionals around the world are fighting a challenging battle at the moment, as online adversaries continually change their modes of attack by turning to more sophisticated methods. So what are the key security threats that businesses should look out for at the moment?
Security professionals around the world are fighting a challenging battle. Their objective is to protect their corporate physical and information assets but each day there is a new story announcing a successful system breach by such “organisations” as Anonymous, LulzSec and Antisec. Unfortunately, their job is like trying to block every hole in a kitchen colander with one hand tied behind your back.
The original perspective of enterprise security – to “protect the perimeter” – has changed drastically because today, there really is no perimeter with such things as USB drives, smartphone devices and mobile tablets.
Our adversaries have also changed their modes of attack, turning to more sophisticated methods, using social engineering and focused on individuals with broad administrative access to corporate computer systems. Hence, their attack is really like shooting at one hole of the colander and once in, the adversary can then set up back doors, perform scanning and create a footprint of the enterprise computer network, finally attacking the databases containing the corporate crown jewels.
The word “daunting” may not be adequate to describe the challenges today.
A New Philosophy
Now, there’s a new theme surfacing, which dictates that you should assume your security systems are breached. You should assume that you can, and will be breached. And you could already be compromised.
This theme of assumption of a breach is s echoed in a PriceWaterhouseCoopers whitepaper called “Are You Compromised But Don’t Know It? A New Philosophy for Cybersecurity.” Here the authors reinforce the new philosophy: assume you have been or will be breached and protect your systems and data accordingly. They advocate that this approach lets you be more flexible in protection of your high-value assets.
In the Verizon Data Breach Investigations Report for 2011, there is a demonstrated increase in data breaches caused by external agents. In other words, these external entities need to somehow breach the security systems to gain access to the information. And statistically the report goes on to show that the data breaches occurred as follows:
· 50 percent used some form of hacking
· 49 percent incorporated some sort of malware
· 11 percent employed social engineering tactics
What Do You Do with this New Philosophy?
Businesses need to realise that the traditional defensive measures do not necessarily work to identify and stop the more sophisticated attacks. Even the smallest hole in your perimeter – that one hole in the colander — could be compromised. That is all the attacker needs.
So what are the key security threats to look out for? The most prominent threats include the following:
1. Mobile malware is on the rise. Malware targeting mobile devices will continue to increase, and enterprises will wrestle with how to protect users. Obvious targets will be smartphones and tablets, with all mobile platforms likely to experience an increase in mobile attacks.
2. Criminals target and infect app stores. Infected applications, rather than browser-based downloads, will be the main sources of attack. Because they are not policed well, unauthorised application stores will be the predominant source of mobile malware, with cybercriminals posting their infected applications here in an attempt to lure trusting users.
3. Application scoring systems will be developed and implemented. To reassure users, organisations will want to have their application source code reviewed by third parties. Similarly, organisations will want to ensure that the applications approved for use on workers’ devices meet certain standards.
4. Emergence of bank-friendly applications with built-in security. Mobile devices will increasingly be used to view banking information, transfer money, donate to charities and make payments, presenting an opportunity for cybercriminals, who will find ways to circumvent protections.
5. Hyper-connectivity leads to growing identity and privacy challenges. In today’s business environment, more users need to legitimately access more data from more places. This requires the protection of data at every access point by using stronger credentials, deploying more secure, partner-accessible systems, and improving log management and analysis. Compounding the issue is a new age of cross-platform malicious code, aimed at sabotage and mounting concerns about privacy.
6. New risks accompany move to digitised health records. As the healthcare industry becomes more digitised, new mobile devices will be introduced that send sensitive information beyond the traditional boundaries of health care providers creating a greater security risk.
7. Mobile and medical devices will begin to merge. Mobile devices and health care apps will proliferate, making it easier to transform a smartphone into a heart monitor or diabetes tester. As interoperability standards mature, more mobile devices and traditional medical devices will become nodes on an organisation’s network. These devices will be susceptible to the same threats and vulnerabilities that computers and other network-attached peripherals face.
8. New concerns will surface about IPv6. The federal government is still struggling with the rollout of IPv6-enabled devices as organisations migrate from IPv4. This will be an ongoing concern and IPv6 specific vulnerabilities and threats will continue to cause trouble during 2012.
9. Social-engineering threats resurface. More targeted spear-phishing — an email-fraud attempt that targets a specific organisation, seeking unauthorised access to confidential data – will be the major social-engineering threat of 2012. Efforts to educate user communities about safe computing practices will continue to be a challenge as the user base of smart devices increases dramatically.
10. Security certification programs will increase in popularity. Certifications will continue to increase in the government and private sectors. Internet threats will continue to affect business, government and user confidence and wreak havoc on computing devices in the office and at home.
11. ‘Big Data’ will get bigger, and so will security needs. ”Big data” — large data sets that can now be managed with the right tools — will be popular in 2012 as more companies derive greater value through analytics. Companies will use the data to create new business opportunities while empowering evidence-based decision making for greater success.
12. Safeguarding online identities will no longer be optional. With the rampant growth of online identity theft, consumers, businesses and government agencies are seeking ways to better protect their identities. These groups will look to the private sector to provide a cost-effective solution that helps to safeguard their identities and create greater online trust.