More IT Security Threats In 2012

[webfact]

More IT security threats in 2012

The Nation

Security predictions for 2012 point to trends towards ever more sophisticated attackers and away from the PC-centric desktop.

Trend Micro has come up with the prediction, which cover four main categories - big IT trends, mobile landscape, threat landscape, and data leaks and breaches.

Trend Micro's chief technology officer, Raimund Genes, said that what these predictions mean are that users in 2012 will need to continue moving towards a more data-centric model for effective security and privacy as they embrace consumerisation, virtualisation, and the cloud.

Among big IT trends, the Bring-Your-Own-Device (BYOD) era is here to stay. As more and more corporate data is stored or accessed by devices that are not fully controlled by IT administrators, the likelihood of data loss that are directly attributable to the use of improperly secured personal devices will rise. IT will definitely see incidents of this nature in 2012.

Another prediction is that attacks specifically targeting virtual machines (VMs) and cloud-computing services remain a possibility. Attackers will find no immediate need to resort to these because conventional attacks will remain effective in these new environments.

Virtual and cloud platforms are just as easy to attack but more difficult to protect. The burden will thus fall on IT administrators, who have to secure their company's critical data as they adopt these technologies. Patching a big array of virtualised servers is a challenge, allowing hackers to hijack servers, to fork traffic, and/or to steal data from vulnerable systems.

In the mobile landscape, smart phones and tablet platforms, especially Android, will suffer from more cyber-criminal attacks. Since smart-phone usage continues to grow worldwide, mobile platforms will become even more tempting cyber-criminal targets. The Android platform, in particular, has become a favourite attack target due to its app distribution model, which makes it completely open to all parties. We believe this will continue in 2012 although other platforms will also come under fire.

To date, mobile platform threats come in the form of malicious apps. Moving forward, Trend Micro said it expects cyber-criminals to go after legitimate apps as well. They will likely find either vulnerabilities or coding errors that can lead to user data theft or exposure. Compounding this further is the fact that very few app developers have a mature vulnerability handling and remedy process, which means the window of exposure for these flaws may be longer.

On the threat landscape, even though botnets will become smaller, they will grow in number, making effective law enforcement takedowns more difficult to realise. Botnets, the traditional cyber-crime tool, will evolve in response to actions taken by the security industry. The days of massive botnets may be over. These may be replaced by more, albeit smaller but more manageable, botnets.

Smaller botnets will reduce risks to cybercriminals by ensuring that the loss of a single botnet will not be as keenly felt as before, Trend Micro said.

Hackers will eye non-traditional targets so flawed Internet-connected equipment, ranging from SCADA [supervisory control and data acquisition] heavy industrial machinery to medical gadgets, will come under attack.

Cyber-criminals will find more creative ways to hide from law enforcement. Cyber-criminals will increasingly try to profit by abusing legitimate online revenue sources such as online advertising. This will help them hide from the eyes of both law enforcement and anti-fraud watchdogs hired by banks and other financial agencies.

For data leaks and breaches, more hacker groups will pose a bigger threat to organisations that protect highly sensitive data. Organisations will have to deal with this new threat and to increase their efforts to protect vital corporate information.

The new social networking generation will redefine "privacy". Confidential user information is ending up online. The new generation of young social networkers have a different attitude towards protecting and sharing information. They are more likely to reveal personal data to other parties such as in social-networking sites. They are also unlikely to take steps to keep information restricted to specific groups such as their friends. In a few years, privacy-conscious people will become the minority - an ideal prospect for attackers.

As social engineering becomes mainstream, server message blocks will become easy targets. To date, the craftiest social engineering ploys have been directed against large enterprises. However, cyber-criminals are now so adept at social engineering that the effort to target companies individually - big or small - is becoming less costly, according to Trend Micro.

New threat actors will use sophisticated cyber-crime tools to achieve their own ends. Targeted attacks will continue to grow in number in 2012.

More high-profile data-loss incidents via malware infection and hacking will occur in 2012. High-profile attacks will continue to hit major organisations in 2012. Important and critical company data will be extracted through malware infection and hacking. As a result, significant data-loss incidents will ensue, potentially affecting thousands of users and their personal information. These incidents can result in significant direct and indirect losses to concerned parties, according to Trend Micro.

-- The Nation 2011-12-20

[paulswebb]

Surprisingly no smart arse replies to this article for a change. Must admit it went over my head

[elcent]

they're already attacking. My trace goes to China, India and the US. They're attacking servers directly in root and mySQL which is forcing hosts to disable shell_exec, which is badly needed by many scripts and programs, so at least they can run other sites.. Especially the Chinese come often through companies in the US. They are probably hacking under the disguise of Muslim extremists or work together .I probably will release data from about 1500 spammers who had their emails verified. In many cases they tried to hide the IP, but failed in another whois search.

It somehow shows the pattern as the one previously described by the NSA.

I just hope that this is not a false flag as this seems to be another serious threat ahead.

I'm almost certain that some big shots will get arrested soon.

As with everything else, it can be traced back to the real sources. Certainly arrests will be made soon. The first patch of international arrest warrants is probably issued already.

Edited December 20, 2011 by elcent

[elcent]

BTW, Joomla scripts had a hic-up during the attacks , but survived great. If you don't have the latest upgrades do it now.

All those who patched CMS scripts together will be most vulnerable. They simply don't have the expertise of many experts like Joomla or WordPress.

[sparebox2]

Surprisingly no smart arse replies to this article for a change. Must admit it went over my head

No one want to risk a reply.

The law is heavy on this one.

All our IP are loged.

[urandom]

this article could have been written two years ago or in one year from now. this is not news, nothing to see here.

[Lannig]

Yet another this-is-what-my-crystal-ball-tells-me article I'd say.

Attacks on VMs and clouds? Where I work I manage a large farm of virtualized servers and I really can't see why that would make the slightest difference as far as the surface presented to attackers goes. Since the article doesn't elaborate on this, I would classify this as FUD.

Android? yeah sure. That's hardly news.

Bring-Your-Own-Device? oh yes that's a real headache for corporate IT folks like me. Unfortunately beancounters only see the savings made by buying less workstations. They completely neglect the serious security-related consequences as well as the huge workload and unsolvable problems it creates to IT people. Who am I to tell the owner "don't install crapware on your PC"? It's his box!

I'd venture that the crisis will be a major factor if 2012 sees more IT breakins. Less staff, no money to put in firewalls and security-software ("just put AVG or Avast on your own notebook and bring it to work").

Just my two satangs...

[Crushdepth]

Not mentioned: Governments accessing private cloud data for unhelpful reasons.

[retell]

Surprisingly no smart arse replies to this article for a change. Must admit it went over my head

some very smart ,(trendmicro) plugger

[retell]

BTW, Joomla scripts had a hic-up during the attacks , but survived great. If you don't have the latest upgrades do it now.

All those who patched CMS scripts together will be most vulnerable. They simply don't have the expertise of many experts like Joomla or WordPress.

you say it true (not the company)

yes it is

glad to see people that know how the keyboard works

[schnazzy]

The trend plug article is standard fair. A bit of FUD but not as much as is the norm in InfoSec. Most of the predictions can be used from year-to-year and are almost at the palm readin level. Having said that, it is good fud to shovel at your CIO so maybe you can get a new XXXXX or XXXXX security toy to play with and put on your CV.

As far as IPs being logged, yes but who is even looking at the logs before they get wiped for clearing space, and besides. You can alway use a XXXXX so a different IP than your real one will be logged.