Johannesburg, 07 Nov 2007
The battlefield in the war against security threats has shifted from an individual, internal focus to a broader area encompassing entire organisations, whereby security firms protect the perimeter - every point of access to that organisation.
Is that where it will stop? Will the battle be won once every individual workstation within a company is secure, as well as the entire perimeter?
The advancement of technology means that the answer, alas, is, definitely not.
As new technologies are widely adopted, so new areas of vulnerability open up. Think of all the new access points to the perimeter itself as today`s mobile workforce links up with an organisation`s enterprise system not only via laptops, but also cellphones and other devices.
The cellphone is becoming more and more sophisticated, incorporating more software with each new model. Will cellphone viruses become the plague of the future? Unlikely? What about the Apple`s iPod cellphone? Downloading music from the Internet is notoriously fraught with risk of viruses.
How long will it be before someone develops a virus that is passed onto the cellphone? Soon the cellphone will in all likelihood be the device which replaces the credit card. That will certainly attract the globe`s sophisticated conmen.
As technology has developed, so the battlefield itself has become wider, with different threats coming from different directions.
While viruses continue to be a constant threat, they are no longer cause for the same measure of alarm; white-collar crime, which is almost always technology-based, has become the focal area of battle.
The landscape has shifted to widespread increases in data theft and data leakage, and the creation of malicious code that targets specific organisations for information that can be used for financial gain.
Previously, where phishing, spam, bot networks, Trojans, and zero-day threats were often used as separate attacks, attackers are now refining their methods by engineering combined forms of these attacks.
Not only has the volume of these combined forms of attacks increased, but, due to the collaboration required between attack types and, therefore, the attackers as well, this shift is also manifesting itself in increases in the consolidation of attack assets. This is creating expansive networks that support co-ordinated criminal activity on a global scale.
It is in the nature of the security industry to be largely reactive - development initiatives are frequently prompted by developments in the attack industry. As a result, as with any war where defences arrive after the attack threat becomes known, being reactive leaves a window of risk. But these gaps are always closed or defended in time and the war moves on to new targets.
Information security vendors are winning the war with their development of enterprise-wide solutions and other defences, but the war continues unabated.
Share