Eight Security Predictions for 2022

2013 was not an easy year in cybersecurity—and we wait 2014 attacks volition be even more complex. In a new report out today, Websense Security Labs researchers collectively outlined eight predictions and recommendations for 2014. To read the full written report, please visit world wide web.websense.com/2014predictions. In addition, beneath is an infographic for quick reference.

Hither are the highlights:

i. Advanced malware volume volition subtract.

According to the real-time telemetry feeds in Websense ThreatSeeker® Intelligence Cloud, the quantity of new malware is beginning to decline. Unfortunately, this is bad news for organizations.

Cybercriminals will rely less on high-volume advanced malware considering over time it runs a college chance of detection. They will instead use lower volume, more targeted attacks to secure a foothold, steal user credentials and move unilaterally throughout infiltrated networks. Although the volume of attacks will decrease, the gamble is even greater.

ii. A major information-destruction attack volition happen.

Historically, most attackers take used a network breach to steal information for profit. In 2014, organizations need to exist concerned about nation-states and cybercriminals using a breach to destroy data.

three. Attackers will be more interested in cloud data than your network.

Cybercriminals will focus their attacks more on data stored in the cloud vs. data stored on the network. This tactical shift follows the movement of critical business data to deject-based solutions. Hackers will detect that penetrating the data-rich cloud can be easier and more profitable than getting through the “castle walls” of an on-premises enterprise network.

4. Redkit, Neutrino, and other exploit kits will struggle for power in the wake of the Blackhole author arrest.

Nosotros will see a fight for market leadership between a number of new entrants and existing exploit kits in 2014. Nosotros conceptualize Redkit and the Neutrino exploit kit will secure a stiff foothold in the coming year.

five. Java will remain highly exploitable and highly exploited—with expanded repercussions.

Most end points will proceed to run older versions of Coffee and therefore remain extremely exposed to exploitation. In 2014, cybercriminals volition devote more fourth dimension to finding new uses for tried-and-true attacks and crafting other aspects of advanced, multi-stage attacks.

6. Attackers volition increasingly lure executives and compromise organizations via professional person social networks.

As social networking continues to entreatment to the business organisation community in 2014, attackers volition increasingly apply professional websites, such as LinkedIn, to research and lure executives. This highly targeted method volition exist used to gather intelligence and compromise networks.

7. Cybercriminals volition target the weakest links in the “data-exchange concatenation.”

Attackers will become after the weakest links in the information concatenation and target the consultants exterior the network who have the most information. This includes consultants, contractors, vendors and others who typically share sensitive information with the large corporate and regime entities. And, information technology turns out, few of these partners have sufficient defenses.

viii. Mistakes volition be made in “offensive” security due to misattribution of an attack’s source.

For several years, we’ve been hearing more than virtually “offensive” security, where global governments and enterprises have been threatening retaliatory strikes against anyone defenseless attacking them or their interests. Failure to accurately identify a cyber-perpetrator could result in an innocent organization beingness caught in the crossfire.