Brian Pennington

A blog about Cyber Security & Compliance

6 Experts predict the IT security and compliance issues and trends for 2013

Everyone has an opinion on what could be around the corner; some are based on extensive research and market trends, and some are based on customer expectations and experience.

Rather than bore you with my predictions I thought I would extract the predictions of several vendors and a distributor and put them into one single post, so it is easier to see trends and, when we get to the end of the year, we can see if they were right.

The 6 specialist predictors this year are from the following organisations:

  1. Wick Hill
  2. Websense
  3. WatchGuard
  4. Kaspersky
  5. Fortinet
  6. Sophos

Wick Hill Group’s Ian Kilpatrick delivers his top five trends for 2013

  1. BYOD. BYOD was arguably the biggest buzz word of 2012 and is now an unstoppable, user-driven wave which will continue to make a major impact on the IT world in 2013 and beyond. Smartphones, tablets and laptops all come under this category, as well as desktop PCs used remotely from home. BYOD is a transformative technology and 2013 will see companies trying to integrate it into their networks. While tactical needs will drive integration, strategic requirements will become increasingly important.
  2. Mobile Device Management. The very rapid growth of mobile devices such as smartphones, tablets and laptops, but particularly smartphones, led to concerns about their management and security in 2012. With employees using their smartphones for both business and personal use, the security and management issues became blurred. Mobile Device Management solutions were a strong growth area in 2012, which will accelerate in 2013.
  3. High density wireless. Wireless requirements have been significantly incrementing over the last year and this trend will continue in 2013. BYOD has changed both the data transfer and performance expectations of users.
  4. Data back-up and recovery. While large organisations have always been at the forefront of back-up and recovery, data centres and big data have put significant demands on them during 2012. Alongside that, smaller organisations have been under immense pressures from ever increasing data volumes, archiving and compliance requirements.
  5. Data leakage protection. With growing volumes of data and with regulatory bodies increasingly prepared to levy fines for various non-compliance issues, data leakage protection will continue to be a major cause for concern during 2013. Companies will be looking closely at how to secure and manage their data as their network boundaries spread even wider, with increased use of social networking and BYOD, increased remote access, the rapid growth of wireless, increased virtualisation and the move towards convergence.

Websense’s 2013 Security Predictions (the link also contains a video clip explaining the predictions).

  1. Cross-Platform Threats. Mobile devices will be the new target for cross-platform threats.
  2. Malware in App Stores. Legitimate mobile app stores will host more malware in 2013.
  3. Government-sponsored attacks. Government-sponsored attacks will increase as new players enter.
  4. Bypass of Sandbox Detection. Cybercriminals will use bypass methods to avoid traditional sandbox detection.
  5. Next Level Hacktivists. Expect Hacktivists to move to the next level as simplistic opportunities dwindle.
  6. Malicious Emails. Malicious emails are making a comeback.
  7. CMS Attacks. Cybercriminals will follow the crowds to legitimate content management systems and web platforms.

WatchGuard Technologies reveals its annual security predictions for 2013

  1. A Cyber Attack Results in a Human Death
  2. Malware Enters the Matrix through a Virtual Door
  3. It’s Your Browser – Not Your System – that Malware Is After
  4. Strike Back Gets a Lot of Lip Service, but Does Little Good
  5. We’ll pay for Our Lack of IPv6 Expertise
  6. Android Pick Pockets Try to Empty Mobile Wallets

Additionally WatchGuard believes:

  1. An Exploit Sold on the “Vulnerability Market” Becomes the Next APT
  2. Important Cyber Security-Related Legislation Finally Becomes Law

“2012 was an eye-opening year in cyber security as we saw the number of new and more sophisticated vulnerabilities rise, impacting individuals, businesses and governments,” said WatchGuard Director of Security Strategy Corey Nachreiner, a Certified Information Systems Security Professional (CISSP). “This is a year where the security stakes reach new heights, attacks become more frequent and unfortunately more damaging as many organizations suffer attacks before taking measures to protect themselves from the bad guys.”

Kaspersky Lab’s Key Security Predictions for 2013

The most notable predictions for the next year include the continued rise of targeted attacks, cyber-espionage and nation-state cyber-attacks, the evolving role of hacktivism, the development of controversial “legal” surveillance tools and the increase in cybercriminal attacks targeting cloud-based services.

  1. Targeted attacks on businesses have only become a prevalent threat within the last two years. Kaspersky Lab expects the amount of targeted attacks, with the purpose of cyber-espionage, to continue in 2013 and beyond, becoming the most significant threat for businesses. Another trend that will likely impact companies and governments is the continued rise of “hacktivism” and its concomitant politically-motivated cyber-attacks.
  2. State-sponsored cyber warfare will undoubtedly continue in 2013. These attacks will affect not only government institutions, but also businesses and critical infrastructure facilities.
  3. In 2012 an on-going debate took place on whether or not governments should develop and use specific surveillance software to monitor suspects in criminal investigations. Kaspersky Lab predicts that 2013 will build on this issue as governments create or purchase additional monitoring tools to enhance the surveillance of individuals, which will extend beyond wiretapping phones to enabling secret access to targeted mobile devices. Government-backed surveillance tools in the cyber environment will most likely continue to evolve, as law-enforcement agencies try to stay one step ahead of cybercriminals. At the same time, controversial issues about civil liberties and consumer privacy associated with the tools will also continue to be raised.
  4. Development of social networks, and, unfortunately, new threats that affect both consumers and businesses have drastically changed the perception of online privacy and trust. As consumers understand that a significant portion of their personal data is handed over to online services, the question is whether or not they trust them. Such confidence has already been shaken following the wake of major password leaks from some of the most popular web services such as Dropbox and LinkedIn. The value of personal data – for both cybercriminals and legitimate businesses – is destined to grow significantly in the near future.
  5. 2012 has been the year of the explosive growth of mobile malware, with cybercriminals’ primary focus being the Android platform, as it was the most popular and widely used. In 2013 we are likely to see a new alarming trend – the use of vulnerabilities to extend “drive-by download” attacks on mobile devices. This means that personal and corporate data stored on smartphones and tablets will be targeted as frequently as it is targeted on traditional computers. For the same reasons (rising popularity), new sophisticated attacks will be performed against owners of Apple devices as well.
  6. As vulnerabilities in mobile devices become an increasing threat for users, computer application and program vulnerabilities will continue to be exploited on PCs. Kaspersky Lab named 2012 the year of Java vulnerabilities, and in 2013 Java will continue to be exploited by cybercriminals on a massive scale. However, although Java will continue to be a target for exploits, the importance of Adobe Flash and Adobe Reader as malware gateways will decrease as the latest versions include automated update systems for patching security vulnerabilities.

Costin Raiu, Director of Global Research & Analysis Team, Kaspersky Lab, said, “In our previous reports we categorised 2011 as the year of explosive growth of new cyber threats. The most notable incidents of 2012 have been revealing and shaping the future of cyber security. We expect the next year to be packed with high-profile attacks on consumers, businesses and governments alike, and to see the first signs of notable attacks against the critical industrial infrastructure. The most notable trends of 2013 will be new examples of cyber warfare operations, increasing targeted attacks on businesses and new, sophisticated mobile threats.”

Fortinet’s FortiGuard Labs Reveals 2013 Top 6 Threat Predictions

  1. APTs Target Individuals through Mobile Platforms. APTs also known as Advanced Persistent Threats are defined by their ability to use sophisticated technology and multiple methods and vectors to reach specific targets to obtain sensitive or classified information. The most recent examples include Stuxnet, Flame and Gauss. In 2013 we predict we’ll see APTs targeted at the civilian population, which includes CEOs, celebrities and political figures. Verifying this prediction will be difficult, however, because after attackers get the information they’re looking for, they can quietly remove the malware from a target device before the victim realizes that an attack has even occurred. What’s more, individuals who do discover they have been victims of an APT will likely not report the attack to the media. Because these attacks will first affect individuals and not directly critical infrastructure, governments or public companies, some types of information being targeted will be different. Attackers will look for information they can leverage for criminal activities such as blackmail; threatening to leak information unless payment is received.
  2. Two Factor Authentication Replaces Single Password Sign on Security Model. The password-only security model is dead. Easily downloadable tools today can crack a simple four or five character password in only a few minutes. Using new cloud-based password cracking tools, attackers can attempt 300 million different passwords in only 20 minutes at a cost of less than $20 USD. Criminals can now easily compromise even a strong alpha-numeric password with special characters during a typical lunch hour. Stored credentials encrypted in databases (often breached through Web portals and SQL injection), along with wireless security (WPA2) will be popular cracking targets using such cloud services. We predict next year we’ll see an increase in businesses implementing some form of two-factor authentication for their employees and customers. This will consist of a Web-based login that will require a user password along with a secondary password that will either arrive through a user’s mobile device or a standalone security token. While it’s true that we’ve seen the botnet Zitmo recently crack two-factor authentication on Android devices and RSA’s SecurID security token (hacked in 2011), this type of one-two punch is still the most effective method for securing online activities.
  3. Exploits to Target Machine-to-Machine (M2M) Communications. Machine-to-machine (M2M) communication refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability. It could be a refrigerator that communicates with a home server to notify a resident that it’s time to buy milk and eggs, it could be an airport camera that takes a photo of a person’s face and cross references the image with a database of known terrorists, or it could be a medical device that regulates oxygen to an accident victim and then alerts hospital staff when that person’s heart rate drops below a certain threshold. While the practical technological possibilities of M2M are inspiring as it has the potential to remove human error from so many situations, there are still too many questions surrounding how to best secure it. We predict next year we will see the first instance of M2M hacking that has not been exploited historically, most likely in a platform related to national security such as a weapons development facility. This will likely happen by poisoning information streams that traverse the M2M channel — making one machine mishandle the poisoned information, creating a vulnerability and thus allowing an attacker access at this vulnerable point.
  4. Exploits Circumvent the Sandbox. Sandboxing is a practice often employed by security technology to separate running programs and applications so that malicious code cannot transfer from one process (e.g. a document reader) to another (e.g. the operating system). Several vendors including Adobe and Apple have taken this approach and more are likely to follow. As this technology gets put in place, attackers are naturally going to try to circumvent it. FortiGuard Labs has already seen a few exploits that can break out of virtual machine (VM) and sandboxed environments, such as the Adobe Reader X vulnerability. The most recent sandboxing exploits have either remained in stealth mode (suggesting that the malware code is still currently under development and test) or have actively attempted to circumvent both technologies. Next year we expect to see innovative exploit code that is designed to circumvent sandbox environments specifically used by security appliances and mobile devices.
  5. Cross Platform Botnets. In 2012, FortiGuard Labs analyzed mobile botnets such as Zitmo and found they have many of the same features and functionality of traditional PC botnets. In 2013, the team predicts that thanks to this feature parity between platforms, we’ll begin to see new forms of Distributed Denial of Service (DDoS) attacks that will leverage both PC and mobile devices simultaneously. For example, an infected mobile device and PC will share the same command and control (C&C) server and attack protocol, and act on command at the same time, thus enhancing a botnet empire. What would once be two separate botnets running on the PC and a mobile operating system such as Android will now become one monolithic botnet operating over multiple types of endpoints.
  6. Mobile Malware Growth Closes in on Laptop and Desktop PCs. Malware is being written today for both mobile devices and notebook/laptop PCs. Historically, however, the majority of development efforts have been directed at PCs simply for the fact that there are so many of them in circulation, and PCs have been around a much longer time. For perspective, FortiGuard Labs researchers currently monitor approximately 50,000 mobile malware samples, as opposed to the millions they are monitoring for the PC. The researchers have already observed a significant increase in mobile malware volume and believe that this skewing is about to change even more dramatically starting next year. This is due to the fact that there are currently more mobile phones on the market than laptop or desktop PCs, and users are abandoning these traditional platforms in favor of newer, smaller tablet devices. While FortiGuard Labs researchers believe it will still take several more years before the number of malware samples equals what they see on PCs, the team believes we are going to see accelerated malware growth on mobile devices because malware creators know that securing mobile devices today is currently more complicated than securing traditional PCs.

Sophos think the following five trends will factor into the IT security landscape in 2013

  1. Basic web server mistakes. In 2012 we saw an increase in SQL injection hacks of web servers and databases to steal large volumes of user names and passwords. Targets have ranged from small to large enterprises with motives both political and financial. With the uptick in these kinds of credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment.
  2. More “irreversible” malware. In 2012 we saw a surge in popularity and quality of ransomware malware, which encrypts your data and holds it for ransom. The availability of public key cryptography and clever command and control mechanisms has made it exceptionally hard, if not impossible to reverse the damage. Over the coming year we expect to see more attacks which, for IT professionals, will place a greater focus on behavioral protection mechanisms as well as system hardening and backup/restore procedures.
  3. Attack toolkits with premium features. Over the past 12 months we have observed significant investment by cybercriminals in toolkits like the Blackhole exploit kit. They’ve built in features such as scriptable web services, APIs, malware quality assurance platforms, anti-forensics, slick reporting interfaces, and self protection mechanisms. In the coming year we will likely see a continued evolution in the maturation of these kits replete with premium features that appear to make access to high quality malicious code even simpler and comprehensive.
  4. Better exploit mitigation. Even as the number of vulnerabilities appeared to increase in 2012—including every Java plugin released for the past eight years—exploiting them became more difficult as operating systems modernized and hardened. The ready availability of DEP, ASLR, sandboxing, more restricted mobile platforms and new trusted boot mechanisms (among others) made exploitation more challenging. While we’re not expecting exploits to simply disappear, we could see this decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms.
  5. Integration, privacy and security challenges. In the past year mobile devices and applications like social media became more integrated. New technologies—like near field communication (NFC) being integrated into these platforms—and increasingly creative use of GPS to connect our digital and physical lives means that there are new opportunities for cybercriminals to compromise our security or privacy. This trend is identifiable not just for mobile devices, but computing in general. In the coming year watch for new examples of attacks built on these technologies.

The last word from Sophos: “Security really is about more than Microsoft. The PC remains the biggest target for malicious code today, yet criminals have created effective fake antivirus attacks for the Mac. Malware creators are also targeting mobile devices as we experience a whole new set of operating systems with different security models and attack vectors. Our efforts must focus on protecting and empowering end users—no matter what platform, device, or operating system they choose.”

For a retrospective view, why not read my post from last year, “7 experts predict the IT security and compliance issues and trends of 2012”?

7 experts predict the IT security and compliance issues and trends of 2012

Here we are on the edge of another year and it is the time of year when the predictions start.

Everyone has an opinion on what could be around the corner; some are based on extensive research and market trends, and some are based on customer expectations and experience.

Rather than bore you with my predictions I thought I would extract the predictions of several leading vendors and consultants and put them into one single post.

The plan is to use a range of industry specialisations, for example Anti-Virus and Authentication, and run them side by side for an easy comparison and to see if there is a trend in the predicted trends.

The 7 specialist predictors are from the organisations listed below

  1. Confident Technologies
  2. Cryptzone
  3. Deloitte
  4. Lancope
  5. Trend Micro
  6. Varonis
  7. WatchGuard

Other opinions and predictions are available, and the full predictions of each organisation are in the links at the end of each prediction.

Top 5 Authentication Predictions for 2012 from Confident Technologies

  1. BYOMD (bring your own mobile device) will spell big trouble for businesses in terms of data loss in 2012.
  2. There will be a large data breach (reminiscent of the Sony online gaming breach of 2011) which will finally cause organizations across many industries to realize they cannot rely solely on passwords to protect user accounts.
  3. Targeted Variations of Zeus-in-the-Mobile style attacks will grow
  4. Smart devices enable smart authentication: image-based authentication, biometrics and more.
  5. Retailers and mobile payment providers will lead the adoption of new mobile authentication techniques in 2012

Find the Confident Technologies predictions here.

Cryptzone predicts Trends for 2012

Cryptzone, the IT Threat mitigation experts, announced its 8 key predictions for the top security trends for the coming year.

  1. Targeted Attacks
  2. Bring Your Own Device (BYOD)
  3. Greater Security for Production Systems
  4. Intranets on the iPad
  5. Incident Response Management
  6. Context Awareness for Access Rights
  7. Content Security versus Hardware Security
  8. Shortened Product Development Lifecycles

Peter Davin, CEO of Cryptzone, comments “Employees are now demanding to use their own devices for work with security as a prerequisite. On the other side, hackers have become more sophisticated in whom they target, opting away from indiscriminate strikes. 2012 will see these trends develop even further.”

Find Cryptzone’s predictions here.

Deloitte’s Top five security threats in 2012

  1. Mobile devices (34%)
  2. Security breaches involving third parties (25%)
  3. Employee errors and omissions (20%)
  4. Faster adoption of emerging technologies (18%)
  5. Employee abuse of IT systems and information (17%)

Find Deloitte’s predictions here.

Trend Micro 2012 Threat Predictions:

Attacks Take on More Sophistication in the Post-PC, BYOD Era

Trend Micro’s “12 Threat Predictions for 2012” include:

  1. The real challenge for data center owners will be the increasing complexities of securing physical, virtual, and cloud-based systems
  2. Security and data breach incidents in 2012 will force companies worldwide to face BYOD (Bring-Your-Own-Device) related challenges
  3. Security vulnerabilities will be found in legitimate mobile apps, making data extraction easier for cybercriminals
  4. More hacker groups will pose a bigger threat to organizations that protect highly sensitive data
  5. The new social networking generation will redefine “privacy.”
  6. Supporting assets

Find Trend Micro’s predictions here.

Lancope Announces Top Five Security Predictions for 2012

Lancope, Inc., a leader in flow-based security, network and application performance monitoring, unveiled its top five security predictions for 2012.

  1. Advanced persistent threats (APTs) will become more predominant
  2. Insider threats will grow
  3. Industrialized attacks will remain stable
  4. Employee misuse and abuse will create steady risk
  5. Fully automated attacks will trend down

“If 2011 taught us anything, it’s that the targeted, highly motivated attacker is real. Tomorrow’s threat landscape requires a new level of preparation when it comes to security,” said Adam Powers, chief technology officer at Lancope.

Find Lancope’s predictions here.

Varonis gives its top predictions for Data Governance in 2012

Varonis Systems Inc., the leading provider of comprehensive data governance software announced its top-level predictions for the Data Governance field in 2012.

  1. Secure Collaboration Goes Viral in 2012. It will be the year data owners take back access control decisions from IT, and demand automation to analyze data, make better decisions, and eliminate costly, ineffective manual processes
  2. Big data analytics will expand its focus to the biggest data of all: unstructured information sitting on file servers, NAS devices, and in email systems
  3. We will see some IT departments taking drastic measures, such as shutting down “at risk” servers or access to e-mail if the proper audit trails are not in place
  4. Internal threats will still be a major worry for corporates in 2012 despite the demise of WikiLeaks

David Gibson, Director of Technical Marketing and Strategic Sales at Varonis said: “When it comes to data loss, threats from inside the organization have become as worrisome, if not more so, than those from outside. In many of the security breaches in 2011, employees or contractors were able to delete or download thousands of files without raising concerns because often no one was able to determine what sensitive data they had access to and secure it before information could be stolen, view an audit trail of what they actually did access after the fact, and certainly not hear any alarms go off while the breach was in progress, when access activity was unusual. Corporates will have to address this issue properly in 2012.”

Find Varonis’s predictions here.

WatchGuard Unveils Top 10 Security Predictions for 2012

WatchGuard Technologies’ security analysts provide their 2012 security predictions

  1. A major cloud provider will suffer a significant security breach. Cloud Computing brings chance of malware-storms
  2. Organized criminals will leverage Advanced Malware techniques in targeted attacks against businesses
  3. The barrage of noteworthy data breaches continues through 2012
  4. Increased reliance on virtualization reawakens need for virtual security. Unprotected virtual machines make bad neighbors
  5. Smartphone app stores and marketplaces help proliferate mobile malware in the real world
  6. Adoption of BYOD and IT self-service results in more data loss. Bring your own device means clean your own infections
  7. As the top vector for social engineering and malware, Facebook is forced to increase its security. In 2012 WatchGuard forecasts Facebook-based attacks will increase and Facebook will be forced to sit up and take notice. Specifically, Facebook will implement new security solutions on their site to avoid losing fed-up users
  8. Attackers launch a digital attack that affects physical infrastructure or equipment. My power plant got a virus infection. Expect at least one digital attack in 2012 to cause a significant repercussion to a physical infrastructure system
  9. Location aware malware customizes its attacks. Spyware knows where you live
  10. HTML5 offers five times the ways to hijack your website. New web technologies like HTML5 fuel the growth for next year’s web application attacks

“2012 stands to be a dynamic year for network security as criminals and hackers take threats to new levels,” said Eric Aarrestad, Vice President at WatchGuard Technologies. “Given how new threats are constantly evolving, WatchGuard remains ever vigilant in staying one step ahead of these threats, which gives our customers unparalleled protection for their networks, applications and data.”

Find WatchGuard predictions here.

It appears the common theme is “mobile” as the biggest threat, whether the device is employee owned or not. Similarly they agree that the bad guys will continue to focus on targeted attacks.

Let’s just hope that 2012 is a more secure year than 2011.
