Likely Advances in the Threat Landscape and How We Respond to Them in 2014

It’s that time of the year again. Time not only to make resolutions (which I fully plan to keep for at least a whole month), but also some predictions on what the future holds for security. One thing is for certain: the threats that companies face will continue to accelerate. And while that might seem like a very obvious and not so insightful observation, the devil is in the details. Here are the trends both in the threats and how we will respond to them in 2014.

First on the attack side, malware distribution is certainly going to become more complex and pervasive.

• Customized Malware-as-a-Service (MAAS) to Accelerate the Death Clock on Signature Detection

The availability of new malware creation services in underground markets will make it easy for attackers—with little skill or effort—to create customized exploits. These tools let malware authors upload malware, run tests against all popular AV engines, and identify those that will not detect threats. The tools then give the malware authors customized HTML code they can inject into various Web pages to cause visitors to load the malware in a hidden iframe.

These MAAS tools, which are being commercialized on the black market, enable the distribution of customized attacks for just a few dollars. Some even let attackers build malware by dragging and dropping features into an interface without even needing to know how to write code. As this customized malware becomes more common, I predict even less efficacy of signature-based defenses and a move by the industry to more heuristic-based defense.

• More Popular Trusted Websites to Host Malware

We will also see a shift in distribution from easily detected websites dedicated solely to placing malware on machines to hacks of legitimate websites not as likely to set off alarm bells. Driven by Google’s diligent blacklisting efforts of illegitimate websites hosting malware, attackers will look to use techniques such as Cross-Site Scripting (XSS) to place malware on legitimate sites. As attackers increasingly find their own channels blacklisted by Google and find it harder to rely on sites dedicated to hosting malware for distribution, only those leveraging an extreme degree of specificity and evasion will succeed in the long run. Everyone else will fail miserably.

• Android Adoption—and Android Malware—to Outpace Competitors

The current trends in smartphone and tablet adoption will continue, if not intensify. The result will be an even more tilted mobile ecosystem, in which Google’s Android consolidates its position as the most popular mobile operating system and primary attack target for malicious actors interested in compromising mobile devices. While direct attacks on Android are possible, we expect the current focus on Trojanizing mobile applications to continue, as attackers are still realizing plenty of success in penetrating official and third-party Android application marketplaces.

On the industry side, what are some of the areas we are likely to see discussed in 2014, and what are the implications?

• Security to Become the Killer App for Software Defined Networking (SDN)

In 2014, SDN will foster the rise of virtual networking focusing on activation, configuration, and service chaining—the ability to direct traffic flows along a designated path. Companies will be able to intelligently distribute security capabilities at the service layer for quicker and easier data center deployments. We are seeing many in the industry release virtualized versions of security controls that could lend themselves to software deployments.

• Active Defense to Gain Acceptance

Attackers take advantage of a fundamental asymmetry created by the passive nature of traditional security defenses. In response, more companies will adopt active defense techniques, like Intrusion Deception, to identify attackers and take real-time action to disrupt and frustrate their efforts. While the ethical and legal debates about the proper rules of engagement for companies will continue, acceptance of many active defense techniques is likely to grow.

Finally, what significant changes might we see from individual users either as consumers or employees and what will it mean for companies?

• Data Privacy Concerns to Change User Behavior

With revelations of widespread NSA surveillance, there is greater concern over privacy than ever before. This will lead to more people and businesses taking precautions to protect information. For the security community, this will likely mean an increasing demand by companies for new and stronger encryption. For consumers, we are likely to see an increase in the use of privacy-enhancing technologies like the Tor network, HTTPS Everywhere, Ghostery, VPNs, and private e-mail services.

While positive for privacy, it is an unfortunate development for security. As more users adopt these technologies, security administrators will begin to lose visibility and control over network traffic. With less ability to differentiate between desirable and undesirable traffic, administrators and security solutions will be less capable of defending networks.

It’s unclear if all of these predictions will come true, and inevitably there will be events that are impossible to predict (hello NSA), but here’s hoping that they at least provide some good food for thought. What do you think?
