Home Business IT Security Striking back against cyber security threats: how effective will it really be?
Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


An increase in emerging cyber threats and an increased focus by governments to fight back through legislation, along with greater security industry focus on striking back against attacks, is predicted for 2013, but the security solutions provider making the prediction doesn’t think the measures will be effective.

WatchGuard Technologies, in its annual security predictions, warns that 2013 is likely to be a year where the security stakes reach new heights and attacks become more frequent and more damaging, as many organisations suffer attacks before taking measures to protect themselves from the bad guys.

“While the security industry is predicted to focus on ‘strike back’ measures, WatchGuard predicts these actions will be ineffective and ultimately unviable for most organisations," warns WatchGuard’s Director of Security Strategy, Corey Nachreiner.

According to Nachreiner, this year has been an “eye-opening year in cyber security as we saw the number of new and more sophisticated vulnerabilities rise, impacting individuals, businesses and governments."

On so-called strike back, Nachreiner says it gets a lot of lip service, but does “little good.”

Nachreiner says strike back - which refers to launching a counter-offensive against cyber hackers - won't be implemented in most organisations, despite getting a lot of attention.

According to WatchGuard, "strike backs" can include filing lawsuits, launching cyber espionage campaigns, or even launching counter cyber-attacks against attackers, but Nachreiner says he anticipates most organisations won't implement these measures given the” jurisdictional challenges of digital attacks which bounce through several countries.”

“Plus, criminals have the ability to plant "false flags" in malware, tricking victims and authorities into thinking someone else is behind the attack.”

Other security predictions and observations by WatchGuard for 2013 include:

•    A Cyber Attack Results in a Human Death

WatchGuard hopes it is wrong in this prediction. But with more computing devices embedded in cars, phones, TVs and even medical devices, digitally dealt death is not only possible, it's plausible. Security is still often an afterthought when developing innovative technical systems. Criminals, hacktivists, and even nation-states are launching increasingly targeted cyber-attacks, resulting in the destruction of physical equipment. Most recently, a researcher even showed how to wirelessly deliver an 830 volt shock to an insecure pacemaker, proving that digital attacks can have a real-world impact.

•    Malware Enters the Matrix through a Virtual Door

Last year was the first real-world instance of malware that sought out virtual machines (VMs) and infected them directly. Today, there is an emergence of malicious code that can recognise when it's running in a virtual system and can act accordingly. In 2013, WatchGuard predicts attackers will create even more VM-targeted malware. It will be designed to take advantage of weaknesses found in many virtual environments, while attempting to avoid virtualised automatic threat detection systems.

•    It’s Your Browser - Not Your System - that Malware Is After

WatchGuard anticipates a steep rise in browser-infecting malware in 2013. With increased adoption of cloud services like online banking, a great deal of personal and sensitive data passes through web browsers. Many antivirus solutions are focused on catching traditional malware which infects an operating system and aren't as effective at detecting browser-based infections. Now, a new type of malware has emerged. Sometimes called a Man-in-the-Browser (MitB) or browser zombie, it arrives as a malicious browser extension, plugin, helper object, or piece of JavaScript. It doesn't infect the whole system; instead it takes complete control of a browser and runs whenever the victim surfs the web.

•    We'll Pay for Our Lack of IPv6 Expertise

Next year, WatchGuard expects to see an increase in IPv6-based attacks and IPv6 attack tools. While the IT industry continues to be slow at adopting IPv6 into their networks, most new devices ship IPv6-aware and can create IPv6 networks on their own. Many IT professionals don't have a deep understanding of IPv6's technicalities, yet they have IPv6 traffic and devices on their networks. This also means most administrators haven't implemented any IPv6 security controls, opening the door to attackers looking to exploit unprotected weaknesses.

•    Android Pick Pockets Try to Empty Mobile Wallets

Based on the following three factors, WatchGuard expects to see at least one vulnerability, even if just a proof-of-concept, that allows attackers to steal money from Android devices.

•    Mobile malware is skyrocketing

Cyber criminals are targeting Android devices more than any other because of the platform's openness.  People are increasingly using mobile devices for online payments. Plus, many vendors, including Google, are starting to launch Mobile Wallets, which attaches credit cards to mobile devices.

•    An Exploit Sold on the "Vulnerability Market" Becomes the Next APT

WatchGuard expects that at least one auctioned-off zero day exploit will emerge as a major targeted attack this year. Vulnerability markets or auctions are a new trend in information security, allowing so-called "security" companies to sell zero day software vulnerabilities to the highest bidder. While they claim to "vet" their customers and only sell to NATO governments and legitimate companies, there are few safeguards in place to prevent nefarious entities to take advantage.

•    Important Cyber Security-Related Legislation Finally Becomes Law

In 2013, expect the U.S. government to pass at least one new cyber security act, which will likely impact private organisations. The U.S. government has been trying to pass cyber security bills that give the president and various government agencies some control over what happens in the event of cyber-attack on U.S. infrastructure. The government also wants more cooperation among private infrastructure organisations and U.S. intelligence agencies. Many are pressing for the government to enact more detailed cyber crimes laws, which may help prosecute digital crimes. On top of that, some organisations are lobbying for tougher digital IP enforcement, which privacy advocates often oppose. While 2012 proved to be a difficult year for passing new cyber legislation, WatchGuard expects this year to be different.

ITWIRE SERIES - REVENUE-CRITICAL APPS UNDERPERFORMING?

Avoid War Room Scenarios and improve handling of critical application problems:

• Track all transactions, end-to-end, all the time and know what your users experience 24/7

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Optimize your most important applications, Java, .NET, PHP, C/C++ and many more

Start your free trial today!

CLICK FOR FREE TRIAL!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Peter Dinham

 

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

Connect