Eight Security Predictions for 2014
Posted by Elisabeth Olsen on 15 November 2013 04:48 AM
2013 was not an easy year in cybersecurity—and we expect 2014 attacks will be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full report, please visit www.websense.com/2014predictions. In addition, below is an infographic for quick reference.
Here are the highlights:
1. Advanced malware volume will decrease.
According to the real-time telemetry feeds in Websense ThreatSeeker® Intelligence Cloud, the quantity of new malware is beginning to decline. Unfortunately, this is bad news for organizations.
Cybercriminals will rely less on high-volume advanced malware because over time it runs a higher risk of detection. They will instead use lower volume, more targeted attacks to secure a foothold, steal user credentials and move unilaterally throughout infiltrated networks. Although the volume of attacks will decrease, the risk is even greater.
2. A major data-destruction attack will happen.
Historically, most attackers have used a network breach to steal information for profit. In 2014, organizations need to be concerned about nation-states and cybercriminals using a breach to destroy data.
3. Attackers will be more interested in cloud data than your network.
Cybercriminals will focus their attacks more on data stored in the cloud vs. data stored on the network. This tactical shift follows the movement of critical business data to cloud-based solutions. Hackers will find that penetrating the data-rich cloud can be easier and more profitable than getting through the “castle walls” of an on-premises enterprise network.
4. Redkit, Neutrino, and other exploit kits will struggle for power in the wake of the Blackhole author arrest.
We will see a fight for market leadership between a number of new entrants and existing exploit kits in 2014. We anticipate Redkit and the Neutrino exploit kit will secure a strong foothold in the coming year.
5. Java will remain highly exploitable and highly exploited—with expanded repercussions.
Most end points will continue to run older versions of Java and therefore remain extremely exposed to exploitation. In 2014, cybercriminals will devote more time to finding new uses for tried-and-true attacks and crafting other aspects of advanced, multi-stage attacks.
6. Attackers will increasingly lure executives and compromise organizations via professional social networks.
As social networking continues to appeal to the business community in 2014, attackers will increasingly use professional websites, such as LinkedIn, to research and lure executives. This highly targeted method will be used to gather intelligence and compromise networks.
7. Cybercriminals will target the weakest links in the “data-exchange chain.”
Attackers will go after the weakest links in the information chain and target the consultants outside the network who have the most information. This includes consultants, contractors, vendors and others who typically share sensitive information with the large corporate and government entities. And, it turns out, few of these partners have sufficient defenses.
8. Mistakes will be made in “offensive” security due to misattribution of an attack’s source.
For several years, we’ve been hearing more about “offensive” security, where global governments and enterprises have been threatening retaliatory strikes against anyone caught attacking them or their interests. Failure to accurately identify a cyber-perpetrator could result in an innocent organization being caught in the crossfire.
Read more »
2013 Threat Report: More Than Scary Stats and Chilling Charts
Posted by Carl Leonard on 13 February 2013 02:00 PM
The 2013 Threat Report from the Websense® Security Labs™ is now available.
The report details mobile, social, email and web-based threats, and while it is full of ominous data points, it is a very interesting read. The report is designed to help security professionals keep current with threat trends and improve the effectiveness of existing security solutions. It can also be used to identify and prioritize security gaps that may require new approaches and more innovative strategies.
Creating the report began with the ThreatSeeker® Network, composed of big data clusters used by the WSL to collect and manage up to 5 billion inputs each day from 900 million global endpoints. Malware samples, mobile applications, email content, web links and other information were then passed through deep analysis processes including our Advanced Classification Engine (ACE), which applied over 10,000 different analytics.
Read more »