Are security providers ready for new challenges?

By : |September 30, 2010 0

PC Suraj

BANGALORE, INDIA: Enterprises across all verticals and security vendors are looking forward for a bright and secure 2010 (vendors not so bright though). But 2010 will be challenging for security providers who would leave no stone unturned to convert these challenges into opportunities. While on one hand there will be much adoption of cloud based services, social media, and virtualization in the network, concerns would grow in terms of security threats for such technologies and services as they are much more vulnerable. New cyber crime techniques like ransomware and crime as a service will lure in unsuspecting users and threaten the enterprise at large. So are security providers ready to secure 2010?

Social Networking Vulnerabilities

___________________________________________________________________________________________________________

According to Google Insights for Search Report 2009, India saw an increase in the usage of social networking sites. Leading from the front were Orkut, Facebook, LinkedIn, Twitter, and matrimonial sites apart from increasing number of blogs. While social networking has opened up a new paradigm, on the flip side these sites not only consume a lot of bandwidth, but there are also some security issues related to them which could affect the server space of organizations.

According to Vishal Dhupar, managing director, Symantec India, "2009 was the year where attacks against both social networking sites and users of those sites became the standard practice for criminals." The latter half of 2009 saw attacks utilizing social networking sites increase in both frequency and sophistication. Such sites combine two factors that make for an ideal target for online criminal activity: a massive number of users and a high-level of trust among those users. According to a recent Symantec report, social networking sites topped the list when it came to phishing attacks in most countries across the globe.

Also read: Many Security softwares fail standard test

Social networking sites have grown to become the most obvious choice for attackers due to numerous reasons. For starters, they are easy for criminals to spoof; and since social networking pages are generally trusted by users, phishing attacks mimicking them may be more successful. Profiles on social networking sites often contain a significant amount of personal information about the user. Also, spoofed social networking pages can include links to false download that require users to enter confidential data such as authentication information or credit card information that can subsequently be used for fraudulent purposes. The biggest advantage of social networking sites to spammers is the fact that they provide users with a wide variety of customization options and third party applications. Users can customize details in their profile; include links to other sites; upload images, videos; and in some cases users are even allowed to embed code into their profile page. The problem is that hackers can do all of these things as well turning all these features into potential attack vectors.

According to Kaspersky experts, there will be a shift in the types of attacks on usersfrom attacks via websites and applications towards attacks originating from file sharing networks. Already in 2009, a series of mass malware epidemics have been supported by malicious files that are spread via torrent portals. This method has been used to spread notorious threats such as TDSS and Virut as well as the first back door for Mac OS X. In 2010, there could be a significant increase in these types of incidents on P2P networks. When it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual patternfirst, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.

The definition of the network has moved much beyond the traditional LAN to encompass distributed networks, cloud based networks, social media networks, wireless networks, and virtual networks. So, data now needs to protect itself via a networking infrastructure that positions a security control at every data touch-point or internal network segment rather than just at the perimeter. Information-centric security is a more granular, intelligent and multi-layered security approach that guards against penetration of the entire network through the weakest point in the armor. Says Gareth Williams, vice president, sales, emerging markets, AVG Technologies, "Social networks are evolving fast, and are aiming to be the one-stop shop for all Internet needs. Consequently, we are spending more time with them and doing more on them." An online poll of more than 250 consumers conducted by CMO Council and AVG in Q2, 2009 examined the security issues and vulnerabilities of social community members. The survey found that a majority of social networkers suffer from web borne security problems (eg, malware, phishing, identity theft), and that 47% are concerned about the personal data loss within social networks.

According to Vikas Desai, lead technology consultant, India & SAARC, RSA, "Social networking allows people to interact with each other online. Not all of these people might have a good intention. Social networking makes it easier for fraudsters to do social engineering. With the advent of interactive games and applications tied to social networking, networkers are becoming more vulnerable."

Abhinav Karnwal, product marketing manager, APAC, Trend Micro says, "The increasing use of social networking sites is likely to give a cause to new tacks on old threat methods. Already social networks are heavily targeted by cyber criminals. Facebook, which has over 300 mn users, was the original target of the KOOBFACE botnet. Going into 2010, it is likely that social networks will continue to be one of the major targets of cyber criminals."

Nitin Jyothi, manager, McAfee Labs says, "With Facebook reaching more than 350 mn users and along with Twitters success, we expect that 2010 will take these trends to new heights." Users will become more vulnerable to attacks that blindly distribute rogue apps across their networks, and cyber criminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously.

Since 2007 and the boom of social networking sites, experts have seen a sharp increase of online attacks specifically targeting the web 2.0 applications. Nearly 19 per cent of all online incidents could be touching web 2.0 sites according to a recent analysts research.

Mobile Frailties

There are more than 350 mn mobile connections in India. One of the challenges in the mobile space is that they are generally not protected, and security cannot be manually upgraded on these devices. This could lead to exposure and malicious attacks that target mobiles using unlimited social and technical vectors. Since the functionality of a mobile phone is fast approaching that of a PC or a laptop, and sensitive information such as credit card data is increasingly being shared through the phone, the threats that target PCs are now affecting mobiles as well. Be it spam, snoopware, phishing or theft of confidential data, mobile phones today are vulnerable to these threats and more.

{#PageBreak#}

Information can be stolen from devices using the short-range wireless networks of Bluetooth. Williams of AVG says, "Any mobile device that can connect to the Internet has the potential to serve as a conduit to introduce malware from the Internet to a users system or internal network. Over the next couple of years, mobile devices will mostly be targets, as users surf the web from insecure networks such as hotels, coffee shops, and educational institutes access points." Adds Bhaskar Bakthavatsalu, regional director, India & SAARC, Check Point Software Technologies, "With increasing number of people using smartphones, iPhones, and the most recent being Google launching its Nexus One, vulnerabilities in the mobile space communitywhich can be exploited by malicious people to conduct script insertion and SQL injection attacks, and potentially disclose sensitive informationare high." This indicates that the mobile space is definitely under the radar, and security for the mobile space content should be given a high priority.

There are some indications that consumer acceptance of mobile phone based financial activity is increasing with handset banking applications even being advertised on prime-time television in some countries.

Smartphones are fast becoming the next target for cyber criminals. In fact, we are now seeing that a lot of threats such as spam and phishing are increasingly going mobile. Consequently, we are seeing that the number of threats targeting hand-held devices is growing at a rapid pace. Many services delivered on the mobile are through the Internet, and hence they will have similar security concerns like phishing and pharming attacks. There are also possibilities that mobile devices are remotely intercepted/penetrated by other devices, or that viruses similar to Trojansprograms that seem safe, but install malicious code on a devicewill spread among devices via messaging or emails.

With so many applications now being made available for wireless devices like BlackBerry, attackers are looking at using the same spams used on computer users. The increasing popularity of mobile phones running the Android OS in China combined with a lack of effective checks to ensure third-party software applications are secure and will lead to a number of high profile malware outbreaks.

Needs for Filtering Content

The most valuable asset for any organization is information. Protecting sensitive data is, therefore, not just an IT requirement but a critical business need as well. Adding to the complexity is the increasingly dangerous threat landscape in India due to the growing Internet infrastructure, burgeoning broadband population and the rampant software piracy. India is fast becoming a hub of malicious activities. In an attempt to conceal spam messages from filters, spammers employ various tactics of ill intent. And for that purpose, spammers use obfuscation and/or spoofing techniques, the misuse of brand names, and many other tactics that make it difficult for content filtering to identify the spam message. Says Dhupar, "In a recent study conducted by the Ponemon Institute commissioned by Symantec, it was revealed that 38% of employees who took data while leaving an organization sent this information as email attachments to a personal email account."

Organizations need to identify and discover confidential data across a variety of devices that access the network. Once sensitive data is located, its use must be continuously tracked. There is a need for security to go beyond anti-virus, anti-spam, and content filtering to advanced measures such as endpoint security and data loss prevention. Companies need to protect information proactively by taking an information-centric approach to protect both information and interactions. By taking a content aware approach, companies will be able to manage how the information moves and who has access to it so that they can protect it in a better way. Adds Williams, "There is a worrying trend where cyber criminals use job recruitment as a means to lure unsuspecting people into potentially dangerous situations."

Users should be aware of the potential threats created by devices that are already compromised or tampered coming off the shelves. Incidents about media players and digital frames shipped with malware have already been reported in the previous years. USB devices, while offering the convenience of quick connectivity, are responsible for the spread of auto-run malware within networks.

Cyber Terrorism Hits India

Post Mumbai attacks, there are growing concerns as to how safe can technologies be, considering whatever happened was shocking and a setback. Also lessons need to be learnt regarding developing stronger security solutions going forward. Symantec has engaged in an aggressive cyber crime education initiative to educate users on the common sense steps that they can take to protect themselves online. Security is becoming more and more complex and challenging with the increased sophistication of attacks. Says Desai of RSA, "We are not considering cyber terrorism in particular, but it is an important part of our solution offerings when we talk about cyber threats, vulnerabilities, and dark cloud." According to Bakthavatsalu, "Enterprises should rely on a robust unified security architecture that incorporates a good firewall and powerful IPS to detect blended threats, and shield against all sorts of security attacks." This should be complemented by a comprehensive endpoint security solution to protect the endpoints against proliferating malwares like worms, Trojans, spyware, and other malicious code that can threaten business continuity. It should also mitigate risks like data loss and leakage at the endpoint. Organizations should also ensure that their Wi-Fi hot spots remain secure from external attacks.

Says Karnwal, "Owing to the benefits cloud computing and virtualization offer consumers and businesses, it is likely that adoption rates will certainly go up. A tough economy is also driving companies globally to adopt more cost-effective measures and pursue efficiency. This is one of the main reasons why analysts expect the virtualization industry to hit over $7 bn over the next four years. Cloud computing brings many benefits, there is no doubt, but education and awareness of associated risks is also necessary."

Cyber crime is becoming a global phenomena. With cyber crime becoming more organized and sophisticated, cyber criminals have little fear of law enforcement. According to McAfee, focus is to bring together the security industry, national governments, law enforcement bodies and NGOs to fight cyber crime. Consumer awareness against cyber attacks will also be the primary focus for McAfee in 2010.

Security Cover For Cloud Services

One of the major concerns while adopting a cloud strategy is security. Threat to data privacy is a major risk associated with cloud based services. By adopting cloud based services companies could be exposed to risks and vulnerabilities. Since the information travels to and from protected networks via a public pipe, it creates many more opportunities for data infection or theft. Securing the cloud will be an essential part of the IT security strategy for all enterprises as services such as storage for rent, software as a service, virtual IT, and application hosting heats up. This is especially important as data in motion from the cloud back to the corporate network contains risks of infection for the now borderless, virtual perimeter. Cloud computing is transforming IT service delivery. With the right strategy and technologies, organizations can realize the cost and operational benefits of the cloud while mitigating the potential risks.

"The biggest challenge of cloud computing is perhaps data security and privacy. Its a huge challenge to ensure that the right person gets access to the right content at the right time. This needs a solution which is not generic as well as dynamic," says Desai. According to Williams, "Were seeing a huge increase in the number of transient threats that reside for only a short time on well respected websitesthe here today, gone tomorrow threats." Cyber criminals currently produce 20,000 to 30,000 new and unique pieces of malicious code every day in order to make it difficult for signature scanners to keep up. Because this is an automated process, these numbers can easily double or even triple by the end of 2010.

Says Bakthavatsalu, "Security is an issue which would definitely impede cloud implementations for some time. Many organizations would not like the idea of having no control over the security of this data since it is the cloud vendor who enforces the security and takes care of other compliance measures. At the end, it is an organizations decision whether to allow its data outside the organization, or how much you trust your cloud vendor.
 

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.