Last year, the topic cyber security made headlines with attacks on national level, spectacular cases of data abuse and the arrest of prominent hackers. The more interesting it is to take a look at Websense Security Labs predictions for 2014, as the security expert forecasts in its recently published report eight major threats that will approach us this year:
1. The quantity of malware drops, but the quality increases
The real-time feeds of ThreatSeeker Intelligence Cloud indicates that although fewer new malicious software is released, there is no reason for an all-clear, on the contrary. Cybercriminals are working less with high-volume malware because of the higher risk of being discovered over time. Instead, they are progressively trying to get access rights with targeted attacks to make their way through the infiltrated network. Thus, the risk of becoming a victim of an attack actually increases, even if the volume decreases.
2. There will be a big case of data destruction
So far, hackers have mainly tried to make profit with stolen information. In 2014, companies must be prepared for attacks with a new design, as national states and cybercriminals are gradually trying to break into networks to destroy data. Here, the so-called ransomware, malicious programs with which the intruder can prevent access to data and its use, will play an important role.
3. Data attacks are increasingly in the cloud
Cybercriminals will focus their attacks more on data stored in the Cloud. With this tactical pivot they follow the shift of critical business data into cloud-based solutions. The hackers will find that it is easier and more rewarding to penetrate into the data-rich Cloud than into corporate networks.
4. Redkit, Neutrino and other exploit kits are fighting for the follow-up Black Hole
Black Hole was probably the most successful exploit kit in history. But it was all over when in October 2013 the alleged author of the infamous kit, the "Paunch", was arrested in Russia. Numerous new and old exploit kits will fight for the legacy of Black Hole this year and Redkit and Neutrino will play a major role.
5. Java remains particularly vulnerableAs there will be still many outdated versions of Java in use that provide a gateway for exploits, cybercriminals will spent even more time on advanced attack methods to refine their tactics.
6. Attackers increasingly lure executives
As the business community will continue to use social networks extensively in 2014, cybercriminals will increasingly do research on managers on sites like LinkedIn and lay their bait there. With this highly targeted method, they want to get information that is useful to compromise corporate networks.
7. Attacks target the weakest link in the information chain
Attacker will increasingly target groups this year which are outside of the network and have valuable information, including consultants, suppliers and others who are sharing sensitive information with companies and authorities.
8. Offensive defense leads to errors
For several years, an aggressive defense against cybercrime is under discussion. Governments and companies around the world threaten with retaliatory strikes, if caught in an attack attempt, however, problems with the unique identification of cybercriminals could cause innocent people to get targeted as well.
The complete report can be downloaded here.
By Daniela La Marca