7 Security Trends to Expect in 2014
From increasingly sophisticated DDoS attacks to stuxnets to insider threats, companies have plenty to worry about when it comes to enterprise security in 2014.
Computer systems, in many peoples' eyes, are there to be hacked -- and that means fraudsters are always working on new ways to exploit vulnerabilities. So what does 2014 have in store? Here are seven security predictions for the New Year.
DDoS Attacks Get Sneaky
DDoS attackers will go from simple volumetric attacks to ones which take advantage of a site's specific performance characteristics. That's the prediction of security researchers at Neohapsis, a security and risk management consulting company.
DDoS attacks that intelligently target bottlenecks in performance, such as pages with a high server load (like database writes) or specific network bottlenecks (like login and session management), can magnify the impact over attacks which are simply volume-based and request the homepage of a site. So it's likely that we will begin to see the spread of tools which profile specific targets.
The result? DDoS attacks that have more impact, and involve less network traffic, than the ones enterprises have become accustomed to mitigating against.
Insider Threats Remain Major Security Problem
According to a CyberSecurity Watch survey insiders were found to be the cause in 21 percent of security breaches, and a further 21 percent may have been due to the actions of insiders. More than half of respondents to another recent survey said it's more difficult today to detect and prevent insider attacks than it was in 2011, and 53 percent were increasing their security budgets in response to insider threats.
While a significant number of breaches are caused by malicious or disgruntled employees - or former employees - many are caused by well-meaning employees who are simply trying to do their job. BYOD programs and file sharing and collaboration services like Dropbox mean that it will be harder than ever to keep corporate data under corporate control in the face of these well-meaning but irresponsible employees.
Defending against insider threats requires a multi-layered use of technological controls, including system-wide use of data encryption and establishment of policies stressing prevention of data loss.
Security Worries Drive Cloud Consolidation
Organizations will look to buy more solutions from a single vendor and demand greater integration between solutions to automate security, according to Eric Chiu, president of HyTrust, a cloud security company. The fact that securing cloud environments is very different from securing traditional physical environments will drive greater consolidation in the market, he says.
Legacy Systems Cause More Security Headaches
The spate of IT failures in banks and other high profile companies highlights a simple fact: Many of them are running legacy systems which are so old and out of date that they are becoming almost impossible to maintain. That's because there are few people with the skills and expert knowledge that would be needed to run them securely - even if they were updated to eliminate know vulnerabilities, which they frequently are not.
They often aren't updated because no-one knows what impact that would have. It's inevitable that we'll see hackers going after such systems, exploiting vulnerabilities that can't easily be fixed.
Encryption Will Be Revisited
In the wake of revelations about the NSA, many companies are realizing that encryption many be the only thing that is protecting their data, and it may not be as strong as they imagined. What's more, if hackers are led to believe there is a weakness in a particular system - either accidental or intentional - they will pound on it until they find it.
As a result, many companies will look to improve the way they use encryption. Look for particular attention to be paid to cryptographic block modes like CBC and OFB, and authenticated modes like EAX, CCM and GCM, advise the experts at Neohapsis. In addition to the encryption methods themselves, look for insights and innovations around key management and forward security.
'Stuxnets' Become More Common
State-sponsored malware like Stuxnet - which is widely attributed to the United States, Israel or both - has proved to be far more sophisticated and effective than anything that a couple of hackers can develop. Expect more of this type of malware from the likes of China, Russia, Iran, India, Brazil and Pakistan. It's probably already out there, even if it hasn't yet been detected. 2014 could be the year that its prevalence becomes apparent.
Bitcoin Drives New Malware
The Bitcoin virtual currency is growing in popularity with legitimate businesses, and that's likely to continue. That's because Bitcoin payments offer significant attractions: They are quick and cheap, and there is no possibility of a chargeback.
But Bitcoin wallets make attractive targets for criminals, because stolen coins can be cashed out instantly, without a middleman or launderer taking a cut. And many Bitcoin users are relatively unsophisticated, protecting their wallets with very little security.
So expect Trojans and other malware that specifically look for and target Bitcoin stashes, as well as ransomware that demands Bitcoins in return for decrypting data.
Paul Rubens has been covering enterprise technology for over 20 years. In that time he has written for leading UK and international publications including The Economist, The Times, Financial Times, the BBC, Computing and ServerWatch.
By Jeff Goldman
December 12, 2013
A SailPoint survey also found that 45 percent believe employees would sell company data for the right price.