Ahmedabad, Dec. 23: Cyberoam, a leading global provider of network security appliances revealed the Security Predictions for 2014, on Monday highlighting top-10 threats and trends to watch out for next year.
The list includes new variants of attacks expected and also behaviors the attackers will showcase. The predictions have been prepared with insights from the Cyberoam Threat Research Labs (CTRL). To the 2014 list, it has added a few of its predictions from 2013, like the rise in browser-based attacks and the need for context-aware security.
1. “Client-side software exploits” – it will be!
CTRL foresees an increase in client-side software exploits in next few years, compared to the server-side. In 2013 there were numerous such exploits, where base client softwares like Microsoft and Adobe were exploited to spread the attack vectors across the network. The recent Microsoft advisories indicated client side exploits and this supports the prediction. Reasons for this hike include the increased scope of exploitation with increase in attack vectors, higher base of users who use these softwares and the money involved in it. The exploit kits used to exploit server side vulnerabilities cost much less than client side exploit kits, indicating the demand. Realizing that client side exploits will bring in more money, the focus on exploiting client-side vulnerabilities will increase too!
2. Attack vectors to get more intelligent
Attacks in 2013 have left us with one clear picture – the rise in sophistication and professionalism among attackers. In times to come, Cyberoam predicts attackers to get specific, both in terms of their objective and attack strategies. They now know whom and how they would attack and they are changing their strategies to hit the bull’s eye rather than shooting in the dark. In addition to this, a few attacks from 2013 indicate the evolution by including proven components from already-used attacks, combined to form more detrimental attacks.
3. Attacks on Industrial Control Systems & SCADA systems to continue
The amplified impact that an attack on Industrial Control Systems (ICS) can cause, justifies the interest attackers have on such systems. ICS/SCADA system attacks can cause catastrophic damage not only to a single unit but also to an entire country/province. It is the spread of impact compounded with the lack of adequate security available in such systems that have made ICS/SCADA networks a lucrative target for attackers. While there were 198 cyber attacks in 2012, the numbers increased to 240 in 2013. Cyberoam predicts further rise in such attacks in 2014 and beyond.
4. New exploit kits will be explored and used
The use of Blackhole exploit kit for attacks is a known fact. It is no secret that it was used extensively for attacks in the past. But with the arrest of ‘Paunch’ in 2013, the man behind the Blackhole exploit kit, new exploit kits have emerged. As attacks utilizing Blackhole exploit kit have been exposed, it is a need among attackers to come up with new ways. Also, with recent trends showing rise in exploits based on client side vulnerabilities, it is predicted that this menace is only going to aggravate.
5. Increase in need for Context-Aware security
With an increase in number of security features or solutions in an organization’s network to tackle emerging security risks, the job of security professionals is getting more complex. With increasing number of devices, users and applications to monitor this becomes even more difficult. The volume of data that the security appliances offer on various parameters is becoming a problem for network administrators presenting a need for context-aware security that enables faster decision making and action with the security intelligence it offers. The rising need in context-aware security goes in continuation with the prediction in 2013 regarding the rise in need for User Threat Quotient & Device Threat Quotient.
6. Security of Hybrid Cloud
In a generation of increased mobility, where tablets and smart devices are displacing desktops and paper-based processes, more users are turning to Cloud, specifically the Hybrid Cloud, as it offers more efficiency, business optimization, access to real-time data and always-on availability. However, the ability of Hybrid clouds to burst into the public cloud space when necessary is bringing up security concerns. Although this capability is particularly useful to organisations, it may be a call for danger and users and security vendors are realizing this.
7. Browser-based attacks are still hot!
In a bait to achieve sure-shot infection and victimize users, use of browser-based attacks like Waterhole will further rise. This will include a rise in exploitation of browser vulnerabilities and also use of malicious websites. Attackers will continue to target users by directing them to trusted and commonly visited URLs which would be infected with malicious codes or infect websites that are frequently visited by their targets. In 2013, many have already agreed on the rise seen in watering holes. In fact a lot of hackers who were using spear phishing attacks to target users have also started using watering holes.
8. Mobiles still remain a darling of malware attackers and exploits
Increasing base of smartphone users is the primary reason for attackers to find interest in attacking those devices. In addition to this, users use their personal devices to access work emails and connect to company networks, which aggravates this interest further. Applications are the backbone of smart phones and most of the mobile apps lack adequate security, adding to the misery. In 2014 there will be newer and sharper mobile threats.
9. “Internet of Things” adds Security risks for home devices
IOT- ‘Internet of Things’ is something we all are waking up to these days. Everything seems to be on the Internet! From our work to social lives and storage needs Internet has also opened its doors to home devices now. As more and more home devices get connected to the Internet, it is obvious that the attackers will soon find their way through them too. Cyberoam predicts a rise in need for security solutions for home devices, besides your office devices. Because one thing is evident – the level of risk and quantum of vulnerability is similar, irrespective of whether the device resides in your home or in your office network.
10. Windows users will be at risk as Windows XP comes to end-of-life
As Microsoft decides to stop supporting Windows XP after 8th April 2014, users will need to upgrade to newer Windows versions and the attackers will shift their focus to these versions. Moreover, users who still continue to use Windows XP, will not have their vulnerabilities patched, leaving them open to exploits.