/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSAN DIEGO, USA: Cyber security attracted a lot of attention with nation-state attacks, numerous high-profile data breaches and prominent cyber-criminal arrests this year. Today, cyber-security researchers from Websense Security Labs outlined their 2014 predictions to help organizations defend against attacks throughout the entire threat kill chain.
Charles Renert, VP of security research for Websense, said: "Bypassing traditional defenses was raised to an art form by cyber-criminals in 2013. In 2014, cyber-attacks will be even more complex and diverse. While the general volume of advanced malware will decrease, we predict the volume of targeted attacks and data destruction incidents will increase. Organizations must up their security game as attackers continue to seek new ways to penetrate traditional defenses at every stage of the threat lifecycle."
The highlights of Websense 2014 Security Predictions include:
1. Advanced malware volume will decrease.
According to the real-time telemetry feeds in Websense ThreatSeeker Intelligence Cloud, the
quantity of new malware is beginning to decline. Cyber-criminals will rely less on high-volume advanced malware because over time it runs a higher risk of detection.
They will instead use lower volume, more targeted attacks to secure a foothold, steal user credentials and move unilaterally throughout infiltrated networks. Although the volume of attacks will decrease, the risk is even greater.
2. A major data-destruction attack will happen.
Historically, most attackers have used a network breach to steal information for profit. In 2014, organizations will need to be concerned about nation-states and cyber-criminals using a breach to destroy data. Ransomware will play a part in this trend and move down market to small and medium sized organizations.
3. Attackers will be more interested in cloud data than your network.
Cyber-criminals will focus their attacks more on data stored in the cloud vs. data stored on the network. This tactical shift follows the movement of critical business data to cloud-based solutions. Hackers will find that penetrating the data-rich cloud can be easier and more profitable than getting through the "castle walls" of an on-premise enterprise network.
4. Redkit, Neutrino and other exploit kits will struggle for power in the wake of the Blackhole author arrest.
The Blackhole exploit kit was arguably the most successful in history. Everything changed in October 2013 when "Paunch," the alleged hacker author behind the famous kit, was arrested in Russia. A fight for market leadership between a number of new entrants and existing exploit kits will be seen in 2014. Redkit and the Neutrino exploit kit are anticipated to secure a strong foothold in the coming year.
5. Java will remain highly exploitable and highly exploited-with expanded repercussions.
Most end points will continue to run older versions of Java and therefore remain extremely exposed to exploitation. In 2014, cyber-criminals will devote more time to finding new uses for tried-and-true attacks and crafting other aspects of advanced, multi-stage attacks. Attackers will reserve zero-day Java exploits for targeting high-value networks with good Java patching practices.
6. Attackers will increasingly lure executives and compromise organizations via professional social networks.
As social networking continues to appeal to the business community in 2014, attackers will increasingly use professional websites, such as LinkedIn, to research and lure executives. This highly targeted method will be used to gather intelligence and compromise networks.
7. Cyber-criminals will target the weakest links in the "data-exchange chain."
Attackers will go after the weakest links in the information chain and target the consultants outside the network who have the most information. This includes consultants, contractors, vendors and others who typically share sensitive information with the large corporate and government entities. And, it turns out, few of these partners have sufficient defenses.
8. Mistakes will be made in "offensive" security due to misattribution of an attack's source.
For several years, there has been talk about "offensive" security, where global governments and enterprises have been threatening retaliatory strikes against anyone caught attacking them or their interests. As in traditional warfare, tactical mistakes will increasingly happen in these cyber-trenches. Failure to accurately identify a cyber-perpetrator could result in an innocent organization being caught in the crossfire.
Â