Top security predictions for 2013

Security solutions vendor Cybroam says tomorrow's technology promises various trends like affordable gigabit Internet speeds, multiple devices per user, application chaos, and so on.

These trends are promising and they will bring business connectivity and productivity benefits to organisations, says Cyberoam.

However, it says, the primary question is: "Is security becoming a bottleneck for organisations in adopting these trends?" Apart from these, the vendor expects many more probable trends in the coming year, both from the IT and security landscape.

Looking at most of the cyber-security attacks reported in 2012, Cyberoam notes that insider threats have appeared more frequently in the last year.

It explains that insiders pose security risks both intentionally and unintentionally, which include not only abuse of confidential access to sensitive IT infrastructure, but also unmonitored Web access, which can infect multiple critical systems.

The vendor adds that intrusions to organisational network have served as a mainstream "hacking platform" for many malicious insiders to cause mayhem on the privacy, reliability and accessibility of the organisation's network and systems, leading to huge losses.

It also believes that with the advent of trends like bring your own device, the quantum of insider threats is sure to rise.

According to Cyberoam, 2012 was witness to the most critical infrastructure attacks ever, which included attacks like Shamoon malware, Flame, cyber attacks on natural gas pipeline companies, attacks on utility systems, DDOS attacks on US banks, and so on. In the wake of such attacks, the vendor fears that similar or even larger attacks can be foreseen in times to come.

"Supporting such raised alarms over this issue, we have facts from a report, namely: 'Global risks 2012', that concludes with cyber security as a major need to watch out for in the future. Looking at the dark side of our over-connected world, most critical infrastructures that control our daily lives can be compromised by skilled individuals remotely and anonymously, through networked computer systems.

"With our dependency on infrastructures like communications, gas, power, water systems becoming primary, a 'Fire Sale' attack threatening these systems holds the capability to drag us back to the Stone Age," it notes.

After helping data centres save costs, 'office-in-a-box' concept or workstation virtualisation is the next major IT wave, says Cyberoam.

The vendor notes that in 2012, there were about 58 million virtual machines running - an increase of 47.2 million since 2010. This indicates a 38.9% virtualisation penetration rate, indicating the dependency on this rapidly growing trend, it points out. With the growing virtualisation market, it fears cyber criminals are sure to invade this space.

It also points out that, as a beginning to such invasions, 2012 saw a malware named 'Crisis' - a devastating VMware-targeted threat. "Although this is the first of its kind virtual machine targeted threat, increasing and swift movement of data and operations towards virtualisation will surely be a driving force for attackers to come up with many such virtual machine targeted threats in 2013.

According to Cyberoam, today all users have various profiles and accounts on popular social media/networking sites, indicating the widespread presence of such Web sites in lives.

Statistics depict that 69% of online adults use social networking sites and 46% of adult Internet users post original photos or videos online that they themselves have created. These figures clearly point to the huge amount of data being shared online everyday, leaving trace of online activity, user behaviour and their needs, the vendor notes.

It adds that data available online today is in huge demand, not only among attackers and criminals but also among marketers, analysts, competitors, or for that matter, even the Web sites themselves which host the data. A recent case in which Facebook helped the government pin down criminals (who were Facebook users) clearly indicates the ownership these social media Web sites have over users' personal data.

"The underlined question emerging is: 'Is your online information private?' and the concern is growing exponentially."

Cyberoam says applications today have changed the way people function, be it at the workplace or in their personal lives.

"We have applications for collaboration used in offices and entertainment apps which include games and social media, which are used more than ever before due to explosion of smart devices. A similar hike is also found in the case of application-based attacks."

Looking at mobile applications, it notes that reports claim a 472% hike in the Android Market malware. However, it points out that although Android malware is increasing, other platforms including Apple and Blackberry have not been spared either.

When it comes to dealing with this kind of application chaos, Cyberoam explains, two main issues arise - the first is security and the second is the bandwidth crunch it poses on shared networks. Hence, it believes considering the application explosion, organisations in 2013 will need more dynamic application security offering proactive protection.

A recent study reveals approximately 45% of the people accessing the Internet do not utilise the most secure version of their Web browser, says Cyberoam.

The fact to be remembered is that like any other medium, even browsers are vulnerable if appropriate security patches are not applied, it notes.