We know we live in the digital age, but perhaps too rarely do we realize how much information is actually stored digitally. Currently, we create 2.5 quintillion bytes of data per day. 90% of the data in the world today was created in just the last two years. This “big data” is becoming too awkward to effectively secure using traditional tools. With more than 8,000 malware signatures created every day, we face an ever-evolving threat landscape. Thus, the security tools of 2013 will experience a shift in focus from mere prevention to detection, analysis and containment.
According to the Verizon Data Breach Investigation Report, authentication attacks and “hacktivism” are some of the top threats for 2013. Data breaches are more likely to be the result of “low-and-slow attacks,” said Wade Baker, principal author of the report. These low-and-slow attacks are enabled by malware which slips through single-tier traditional security systems and allows attackers to hold long-term, high-impact access to business data. Multi-layered security and big data analysis tools are needed to protect against and recover from these threats.
Authentication attacks include web application exploits, which are becoming a major threat to larger organizations and governments. The best protection against these types of attacks is vigilance and education. Businesses and other organizations must ensure they have sound processes for monitoring their user accounts and credentials on all systems, devices and networks.
This age of mobile devices has also created higher security risks for businesses as many are allowing employees to access their work accounts from personal smartphones and tablets. The BYOD (Bring Your Own Device) trend has been the cause of many security breaches in recent years, the majority of which were due to lost or stolen devices. Businesses which choose to take this risk need to create effective authentication processes. Authorization can also be more tightly controlled to allow employees access only to necessary information.
Hacktivism is a politically or socially motivated attack and is becoming the trend in cyber attacks for 2013. Social media sites such as Twitter, Pinterest, and Facebook were exploited in late 2012 for attacks of this kind as well as spam and even back-door Trojan schemes. Social media sites will continue to be a target for hackers in 2013 as they are an excellent source for stealing personal information.
Mobile malware started to be seen in 2012 and is expected to increase in 2013 in addition to mobile spam. The best protection for mobile scams is to treat your phone as you would your PC. Don’t open text messages or emails from unknown senders and use caution following shared links. Never give out personal information using digital means unless you are certain who is on the receiving end.
“Toll Fraud” is a mobile malware scam that was detected in 2012 and may still be a threat in 2013. This scam uses the messaging service of a victim’s phone to place huge charges on their phone bill. In most cases, the scammer escapes with the cash before the scam is even detected. Regularly check your phone bill to protect yourself from receiving unauthorized charges.
Because the cost of a data breach is so great, an important investment for 2013 will be the tools that can manage big data in the event of a security breach. A Gartner report has stated that by 2016, 40% of enterprises will actively analyze at least 10 terabytes of data for information security intelligence, quite a jump from the less than 3% which was seen in 2011. Protect yourself or your business from intelligent attacks using intelligent security tools.
Rick Delgado is a tech guru. From the latest gadgets to securing networks for major businesses to protect against advanced malware, Rick has seen and wrote about it all. Rick has over 12 years of professional experience in technology and is currently a freelance writer in Park City, UT.