[BreachExchange] The top security trends you need to know right now
Audrey McNeil
audrey at riskbasedsecurity.com
Mon Apr 11 19:05:02 EDT 2016
http://www.itproportal.com/2016/04/08/the-top-security-trends-you-need-to-know-right-now/
At the moment, there is more focus on cybersecurity than at any time
before, so it’s important to look at the current trends and how they will
play out over the coming months. We are at the start of a wave of changes
which are unpredictable, but business leaders need to pay attention. If we
start to understand the trends of today, it will give us a good indication
of where security issues are going to arise tomorrow. Outlined below are
the top security trends that we need to be aware of:
DDoS extortion will become more common
In 2014 we saw a new threat, DD4BC, arise. In 2015 it went away, but was
immediately replaced by the Armada Collective. Both groups sent threatening
emails requiring the payment of a small number of bitcoins, otherwise the
company’s site would be taken offline. The success of these groups has led
to the Armada Collective becoming more aggressive and a number of copycats
have arisen. There’s no doubt in my mind this will continue this year and
get much worse as more criminals see the potential profits of DDoS
extortion.
The Internet of Things will be compromised
The Internet of Things (IoT) isn’t a single technology or product, but
rather a whole class of technologies and products, most of which were
designed and developed with nothing more than a passing thought to
security. At the end of last year, the best examples of dangers of IoT were
Hello Barbie and the compromise of toy manufacturer VTech.
IoT devices are collecting more information about their owners than most
people realise, and even if the devices are perfectly secure, the services
behind these devices often leave a lot to be desired in terms of security.
This data is valuable and we’ll see more compromises of the tools and toys
of IoT, as well as the companies that are collecting our personal data.
Security won’t improve markedly
This is one trend I hope I’m misreading, but nearly two decades in the
security field tell me I’m not. Despite the many claims of security vendors
that they have the one technology that can solve all of your security woes,
no such product exists. Instead, we have to realise that we’re looking at a
long, slow haul of minor improvements to security, measured in decades, not
years.
Companies will find new, better ways to secure their systems, attackers
will find new, better ways to compromise them. Slowly, over time, we’ll
figure out how to do a better job of building software and systems that are
secure from the ground up. It’s actually more likely that security will
seem to get worse but that will be a symptom of organisations getting
better at recognising the indicators of a compromise.
Government will have a major impact on security
China has always required access to all traffic on their Internet, while
Russia passed a law in 2014 mandating that its citizens’ traffic stay in
the country and be available to officials. Both the USA and the UK have
been lobbying Silicon Valley companies to give them access to encrypted
communications and in the wake of the Paris attacks, France is considering
outlawing Tor and public WiFi access.
Politics aside, it’s clear that governments around the world are seeing the
need to be heavily involved in legislating the Internet and this will have
a huge impact on the security of individual businesses as well as the
Internet as a whole. If you’re not paying attention to this changing
landscape, then new legislation is going to blindside you, not a position
any security professional should be in.
The unknowable unknowns
While many of our concerns are about the things we can predict, there’s
never been a lack of unforeseen incidents. Every organisation will have at
least one incident in 2016 that couldn’t have been predicted by
extrapolating current trends towards the future. The secret that we need to
understand as security professionals is identifying as many of the knowable
threats as possible and then build a program that addresses the known
threats while being flexible enough to deal with the unknown as well.
Do you have a plan for rebuilding your web servers if they’re compromised?
Take it a step further: what if your AD servers are affected? Take it to
the worst-case scenario and have a plan to deal with your whole network
being wholly owned. It might sound like going overboard, but it’s happened
to Sony and the OPM in the US and it’s probably happened to other
organisations who haven’t made the news yet.
Review your processes and procedures with an eye towards making sure they
support your goal of keeping your organisation secure, even if something
completely unforeseeable happens. What’s your plan for the zombie
apocalypse? It should probably look a lot like your plan for an infectious
disease outbreak.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160411/6f928ef5/attachment-0001.html>
More information about the BreachExchange
mailing list