The Latest in IT Security

Likely Advances in the Threat Landscape and How We Respond to Them in 2014

22 Jan 2014

It’s that time of the year again. Time not only to make resolutions (which I fully plan to keep for at least a whole month), but also some predictions on what the future holds for security. One thing is for certain: the threats that companies face will continue to accelerate. And while that might seem like a very obvious and not so insightful observation, the devil is in the details. Here are the trends both in the threats and how we will respond to them in 2014.

First on the attack side, malware distribution is certainly going to become more complex and pervasive.

• Customized Malware-as-a-Service (MAAS) to Accelerate the Death Clock on Signature Detection

The availability of new malware creation services in underground markets will make it easy for attackers—with little skill or effort—to create customized exploits. These tools let malware authors upload malware, run tests against all popular AV engines, and identify those that will not detect threats. The tools then give the malware authors customized HTML code they can inject into various Web pages to cause visitors to load the malware in a hidden iframe.

These MAAS tools, which are being commercialized on the black market, enable the distribution of customized attacks for just a few dollars. Some even let attackers build malware by dragging and dropping features into an interface without even needing to know how to write code. As this customized malware becomes more common, I predict even less efficacy of signature-based defenses and a move by the industry to more heuristic-based defense.

• More Popular Trusted Websites to Host Malware

We will also see a shift in distribution from easily detected websites dedicated solely to placing malware on machines to hacks of legitimate websites not as likely to set off alarm bells. Driven by Google’s diligent blacklisting efforts of illegitimate websites hosting malware, attackers will look to use techniques such as Cross-Site Scripting (XSS) to place malware on legitimate sites. As attackers increasingly find their own channels blacklisted by Google and find it harder to rely on sites dedicated to hosting malware for distribution, only those leveraging an extreme degree of specificity and evasion will succeed in the long run. Everyone else will fail miserably.

• Android Adoption—and Android Malware—to Outpace Competitors

The current trends in smartphone and tablet adoption will continue, if not intensify. The result will be an even more tilted mobile ecosystem, in which Google’s Android consolidates its position as the most popular mobile operating system and primary attack target for malicious actors interested in compromising mobile devices. While direct attacks on Android are possible, we expect the current focus on Trojanizing mobile applications to continue, as attackers are still realizing plenty of success in penetrating official and third-party Android application marketplaces.

On the industry side, what areas are we most likely to see discussed in 2014, and what are the implications?

• Security to Become the Killer App for Software Defined Networking (SDN)

In 2014, SDN will foster the rise of virtual networking focusing on activation, configuration, and service chaining—the ability to direct traffic flows along a designated path. Companies will be able to intelligently distribute security capabilities at the service layer for quicker and easier data center deployments. We are seeing many in the industry release virtualized versions of security controls that could lend themselves to software deployments.

• Active Defense to Gain Acceptance

Attackers take advantage of a fundamental asymmetry created by the passive nature of traditional security defenses. In response, more companies will adopt active defense techniques, like Intrusion Deception, to identify attackers and take real-time action to disrupt and frustrate their efforts. While the ethical and legal debates about the proper rules of engagement for companies will continue, acceptance of many active defense techniques is likely to grow.

Finally, what significant changes might we see from individual users either as consumers or employees and what will it mean for companies?

• Data Privacy Concerns to Change User Behavior

With revelations of widespread NSA surveillance, there is greater concern over privacy than ever before. This will lead to more people and businesses taking precautions to protect information. For the security community, this will likely mean an increasing demand by companies for new and stronger encryption. For consumers, we are likely to see an increase in the use of privacy-enhancing technologies like the Tor network, HTTPS Everywhere, Ghostery, VPNs, and private e-mail services.

While positive for privacy, it is an unfortunate development for security. As more users adopt these technologies, security administrators will begin to lose visibility and control over network traffic. With less ability to differentiate between desirable and undesirable traffic, administrators and security solutions will be less capable of defending networks.

It’s unclear if all of these predictions will come true, and inevitably there will be events that are impossible to predict (hello NSA), but here’s hoping that they at least provide some good food for thought. What do you think?


Michael Callahan is the vice president of global product marketing for the Security Business at Juniper Networks. Prior to Juniper, Callahan was the vice president of product and solution marketing, enterprise security products group at HP. Callahan joined HP through the acquisition of TippingPoint, where he served as vice president responsible for corporate, field and product marketing. Prior to joining TippingPoint, he served as vice president and chief marketing officer for CREDANT Technologies. Callahan also spent seven years with McAfee in various marketing roles. He holds a bachelor’s degree in engineering from Ohio State University and an MBA from the University of South Carolina.
