January 20, 2014
Using the dynamic events of 2013 as a baseline and future indicator, we’ve set out to predict the security threats and headline-making trends that will plague the industry in 2014.
1. The Rise of In-Memory Attacks or Advanced Volatile Threats (AVTs)
A growing number of cyber-exploits are designed to elude current defenses by attacking computers in their volatile memory. Triumfant refers to this technique as Advanced Volatile Threats (AVTs). These memory-based attacks enable a hacker to access a computer’s random access memory (RAM) or other volatile memory processes to redirect the computer’s behavior. AVTs allow attackers to steal data or insert malware, but because they are never written to long-term storage, they can be difficult to detect. Triumfant cautions organizations to invest in endpoint defense solutions that continuously scan for objects that may be manipulated in-memory so that memory-based attacks never become persistent threats.
2. World Sporting Events Create Opportunities for Mischief and Harm
The upcoming Winter Olympics and World Cup provide sophisticated hackers and nation-state actors with a high-profile venue to ramp up criminal and cyber-espionage activities. Taking a cue from the media industry breach in 2013 — which saw The New York Times and other major media companies compromised by the Chinese military to find information on Chinese leaders — governments, media outlets and commercial organizations should be on high alert, instituting new services to detect, counter and mitigate threats. A layered approach to security is needed to protect sensitive systems and data, one that includes endpoint security measures as part of the overall defense-in-depth strategy.
3. Mobile Malware and Network-Connected Devices Ripe with Vulnerabilities
As corporate cloud-based networks proliferate and more people work from home, hackers will develop new types of attacks on remote platforms. The rapid adoption of network-connected devices by consumers and businesses will make the “Internet of Things” more attractive to cybercriminals. Security vulnerabilities are rampant in embedded devices, as manufacturers hurry to bring new products to market, all too often making security an afterthought. This need for speed may also have contributed to the Target breach, where a three-year “smart card” pilot was cancelled because it was shown to slow check-out times. The Target breach also points to the flaws of the payment card industry’s data security standards (PCI-DSS), which only conduct audits on a monthly basis. Major retailers should deploy endpoint security on check-out terminals, in addition to the processing servers, to ensure that breaches are continuously monitored and that the systems are audit-ready every day.
4. Rapid Detection Becomes the New Prevention
Attacks happen. The security industry is beginning to rethink its focus on protecting the perimeter, shifting its mindset to rapid detection and prevention. Endpoint security is the final frontier — picking up where network-based tools fall short. With the understanding that breaches are going to happen, 2014 will see more resources devoted to detection and remediation than in years past. According to research from Enterprise Strategy Group (ESG), 51 percent of enterprise organizations say they will add a new layer of endpoint software to protect against zero-day and other types of advanced malware.