End of year school report time for the ITC Threat Of The Week
Wow. A year has just gone by in a whirlwind of hacks, cracks and fracks.
At the end of last year we made some predictions about what would happen in the security world. At the mid year point we measured ourselves and were fairly on track. Let’s take a moment to see how we did in the second half of the year.
So how are we doing?
- Malware, especially mobile malware is rife. In September, Alcatel-Lucent reported that 15 Million mobile devices (mostly Android) were infected with malware. Android application permissions are a mess leading to some greedy developers selling customer geo-location details to advertisers.
As for Malware targeting desktops, laptops and servers, according to all industry analysts the trend is only going to be upwards, get used to it. Expect the focus of Malware investigation to follow the money and the criminal gangs in 2015.
- Cryptolocker – Symantec reported a 700% increase in Cryptolocker in 2014. Enough said. The fact that the delivery comes hand in hand with the Zeus credential stealing botnet we must remain vigilant when opening any links from people we don’t know, mustn’t we? (You know who you are).
- Windows XP exploits – It seems that most sensible people have now upgraded from XP. Hallelujah.
- Enterprise private clouds – BOOMING! See: http://www.computerworld.com/s/article/9249814/Enterprises_increasingly_look_to_the_private_cloud
- Behavioural based security – From the McAfee Network Threat Behaviour Analysis product, through Veracode’s mobile behavioural analysis to Alien Vaults ‘behavioural monitoring’, the hype builds, real results may follow.
- Social networks will be used by socially engineered employees – LinkedIn Users have been targeted by Phishing attacks after breaches:
- Mobile Security to be increasingly provided by vendors of device or OS – Compartmentalization and security features such as always on VPN (based on IKEv2) are features of Windows8.1, iOS8 and Android Lollypop. This is only going one way.
We are currently upgrading and locking down our Crystal Ball for next year’s predictions which will be with you in a couple of weeks time.
The message remains clear. Malware and information security breaches are becoming more mobile, more targeted, more accurate and more effective. You have little chance of identifying or dealing with attacks using point technologies, let alone understand your risk profile.
ITC’s NetSure360° Managed Security service, which was the best product winner at this year’s ISSA-UK ‘Security In The Spotlight’ event (just saying!) integrates our five steps to security process with best of breed technology so that you can see the wood from the trees and focus on what is really important to your business.
We expect more of the same in the next half of the year, not to mention a massive rise in credit card thefts from European traders.
If you would like to discuss any aspect of your information security with us, please contact us on: [email protected] or call 020 7517 3900