Top 5 Security Threats by Aarij M Khan, Director of product marketing, ArcSight, HP
With threats in the cyber world ever increasing, organizations in every business sector are at risk. It is worth taking a look at the top five cyber security threats that will be on the minds of the professionals tasked with managing cyber risks across business services.
Before we assess where we are heading, let’s review where we are now. We kicked off 2011 with a large number of sophisticated cybercrime groups active around the world and with new types of criminal groups that have developed a specific expertise within the cyber security supply chain. As a result of the increased number of active cyber criminals, we believe there is more malicious software developed and distributed around the world than ever before.
Yet, despite the increased risk, most companies can’t identify the origins of the threat and the extent of the attack. According to the Identity Theft Resource Centre, out of the 662 breaches it registered in 2010, close to 40% of the listed breaches had no cause specified (i.e., the company didn’t know where the breach came from), and nearly 50% of the breaches did not list which records were compromised.
It is likely that the number of cyber criminals will rise even further in 2011, resulting in more malicious software being distributed and more cyber security breaches. To counter the new attacks, individuals and business organizations need to remain vigilant and cope with a quickly evolving threat landscape.
We believe that the following threats will be prominent over the coming months:
1. Traditional malware
Traditional malware will remain the primary mechanism of distributing software to computers on the internet. As F-Secure reported in 2009, there was a three-fold increase in the number of malware detections between 2007 and 2008, and a 15-fold increase over five years prior. More recent numbers from McAfee indicate roughly 55,000 new malware pieces identified every day, which continues the exponential growth pattern into 2010. This trend will only continue.
Trojans will likely remain the main vehicle for malware distribution. In many instances they could be disguised as a document (e.g., PDF file).
2. Shift to advanced persistent threat (APT)
Attacks will be more advanced and targeted at a specific institution, with the goal of acquiring specific data. Often described as an Advanced Persistent Threat (APT), these attacks are designed to infiltrate an organisation, hop the firewall and acquire a target. Once the software gets behind the firewall, it hops around the organisation, investigating and gathering information about the internal system. It then uses this information to gain privileged access to critical information (e.g., transaction processing, customer lists or HR records) and begins stealing sensitive data. Without proper monitoring in place, it can be weeks or months before an organisation detects that it is under attack.
3. Focus on finance, hospitality and retail
The financial services, hospitality and retail industries will face an increased number of threats, as these sectors are most prone to attack because of the frequent visits of customers.
4. Mobile devices increase vulnerabilities
Seven out of ten companies still don’t have explicit policies outlining which devices can be logged on to the network, or policies on working in public places. As more people work and access information remotely, the threat levels from existing vulnerabilities will increase and new ones will appear.
5. Hacktivism as a new type of threat
The most visible examples of hacktivism were the recent attacks by Anonymous, a group that targeted MasterCard, Visa and PayPal after those companies cut off financial services to WikiLeaks. We may see more of these types of attack by groups representing political and environmental organizations.
Just two years ago, “cyber” was not a topic frequently featured in mainstream news. Today, even some of the tabloid media is covering the subject. Cyber threats have risen from an IT issue to a topic of strategic importance to companies and governments around the world. It seems many organizations are starting to discuss the importance of cyber defense. This year, we will see whether all the talk will bring with it swift action.