Govt malware, insider threats to dominate security landscape: CyberArk
By Digital News Asia December 13, 2013
- Govt malware and the Snowden case will affect the threat landscape substantially
- More attention on insider threats and encryption, and securing not just the perimeter
THIS year has seen many high-profile security breaches, including the NSA-Edward Snowden case involving the exploitation of privileged or administrator accounts.
The theft, misuse and exploitation of privileged accounts has become an increasingly key tactic in each phase of an advanced persistent threat (APT) attack cycle, and this will largely continue into next year, said enterprise security solutions vendor CyberArk, outlining its security predictions for 2014.
1) State-sponsored attacks will become splintered and more common
The revelations of the spying programmes by the NSA (US National Security Agency), GCHQ (the United Kingdom’s Government Communications Headquarters), and other intelligence agencies have established a precedent for how governments use the Internet and technology for national defence.
More and more countries are expected to embrace and go beyond this approach – both in terms of passive surveillance and in aggressive cyber-attacks.
The major geopolitical players (the West, Iran, China, and Russia) will continue to refine their cyber efforts, which will have a major impact on the powers of rogue nations and state-sponsored terrorist groups.
As with Stuxnet, these attacks are dismantled and re-purposed – the attacks become commoditised and trickle down to the rogue elements. There will be more attacks of this nature occurring, for a wider array of reasons – economics, politics, and terrorism.
2) Encrypt everything
The fallout of the Edward Snowden breach will continue to have a major impact on everything we do. As companies like Google continue the call to now “encrypt everything,” new encryption standards will emerge.
As encryption methods develop, frontiers will be reached in encryption and hash cracking, whether by novel mathematical methods or by dedicated hardware, such as a 25-GPU-based platform.
3) Malware prevention hits the rocks
The death of the perimeter has been predicted to some degree for the past 10 years. While there will also be a market for perimeter-oriented technologies, there will be wide-scale disillusionment with technology like next-generation firewalls and sandboxing, primarily driven by the fact that more and more companies will experience targeted breaches, despite having installed these solutions.
4) Increased spending on insider threat prevention
The insider threat is ever present and hangs over every company. The Edward Snowden incident continues to reverberate across industries. Hence, there will be a much greater emphasis on the person aspect of insider threat prevention in 2014.
Companies will spend more money and time on employee screening and monitoring, with a stronger focus on outsourced and contracted positions. A much greater emphasis on monitoring and controlling privileged users is also expected.
5) Social engineering on steroids
Social engineering has always been one of the best assets cyber-attackers have at their disposal to breach perimeter security. From spoof emails to fake websites, attackers use the human condition to bypass perimeter security and deliver their malware payload directly into a network.
There will be more attacks like the ‘damsel in distress,’ a targeted attack aimed at male IT workers that used fake social profiles of attractive females who were posing as new hires and requesting ‘help,’ or fake job proposals and phone calls from ‘head hunters’ to solicit information – all to get one employee to unknowingly open the doors for an attack.
As online identity increasingly becomes tied to social networking sites, the sophistication of social engineering attacks will grow.
6) Hacking the supply chain
Cyber attackers revealed a similar strategy in 2012 and 2013 by targeting technology vendors (especially security vendors) in an effort to build backdoors or bypass security at corporate clients.
This attack vector will worsen in 2014, as more cyber attackers infiltrate companies well down the supply chain to implant malicious code into software products that eventually get installed at a later date in the real target company’s network.
7) Controlling a connected house
Researchers have shown how to use hardcoded and default passwords as backdoors to many enterprise and consumer products.
This year, researchers (or attackers) will demonstrate how easy it is to hack smart meters through default passwords. Through this access, hackers will be able to commandeer the environmental controls of a house.
8) Organising crime
2014 will show just how far organised crime can reach into the cyber world as more and more groups target law enforcement networks in order to steal information on current investigations in an effort to stay ahead of the long arm of the law.
9) Black Fridays
Yes, there is a black market for cyber criminals, where malware, hacking tools and assorted other cyber-attack related items are sold.
In 2014, administrative passwords and privileged credentials will become the No 1 hot item on the cyber black markets. The world has witnessed a glimpse of this already in 2013 in the indictment of hacker and black market entrepreneur Andrew James Miller.
10) Cloudy days ahead
It is simply a matter of time before one of the main cloud providers is breached, causing widespread disruption and downtime.